Clear VPN after Clear credentials if VPN is being established

1. There is no way to disconnect VPN after 'Clear credentials'
without removing whole Internet connection because VPN profile to
disconnect is removed when Clear credentials.

2. This commit checks whether VPN is being established or not when
Clear credentials and disconnect VPN if VPN is being established.
Lastly, this shows a toast message to inform VPN disconnected.

Test: manual - took a photo

Signed-off-by : Sungmin Lee <insight.lee@lge.com>
Bug: 29093779

Change-Id: Id5ea01c8731b3b0fca2a31d9d84e8c103952b377

diff --git a/res/values/strings.xml b/res/values/strings.xml
index 4dcca62..877da58 100644 (file)
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -5357,6 +5357,8 @@
 
     <!-- Toast message when there is no network connection to start VPN. [CHAR LIMIT=100] -->
     <string name="vpn_no_network">There is no network connection. Please try again later.</string>
+    <!-- Toast message when VPN has disconnected automatically due to Clear credentials. [CHAR LIMIT=NONE] -->
+    <string name="vpn_disconnected">Disconnected from VPN</string>
     <!-- Toast message when a certificate is missing. [CHAR LIMIT=100] -->
     <string name="vpn_missing_cert">A certificate is missing. Please edit the profile.</string>
 

diff --git a/src/com/android/settings/CredentialStorage.java b/src/com/android/settings/CredentialStorage.java
index eed380b..df3d3e9 100644 (file)
--- a/src/com/android/settings/CredentialStorage.java
+++ b/src/com/android/settings/CredentialStorage.java
@@ -47,6 +47,7 @@ import android.widget.Toast;
 import com.android.internal.widget.LockPatternUtils;
 import com.android.org.bouncycastle.asn1.ASN1InputStream;
 import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.settings.vpn2.VpnUtils;
 
 import sun.security.util.ObjectIdentifier;
 import sun.security.x509.AlgorithmId;
@@ -361,6 +362,7 @@ public final class CredentialStorage extends Activity {
             if (success) {
                 Toast.makeText(CredentialStorage.this,
                                R.string.credentials_erased, Toast.LENGTH_SHORT).show();
+                clearLegacyVpnIfEstablished();
             } else {
                 Toast.makeText(CredentialStorage.this,
                                R.string.credentials_not_erased, Toast.LENGTH_SHORT).show();
@@ -369,6 +371,14 @@ public final class CredentialStorage extends Activity {
         }
     }
 
+    private void clearLegacyVpnIfEstablished() {
+        boolean isDone = VpnUtils.disconnectLegacyVpn(getApplicationContext());
+        if (isDone) {
+            Toast.makeText(CredentialStorage.this, R.string.vpn_disconnected,
+                    Toast.LENGTH_SHORT).show();
+        }
+    }
+
     /**
      * Prompt for key guard configuration confirmation.
      */

diff --git a/src/com/android/settings/vpn2/ConfigDialogFragment.java b/src/com/android/settings/vpn2/ConfigDialogFragment.java
index 788b9a9..af435f0 100644 (file)
--- a/src/com/android/settings/vpn2/ConfigDialogFragment.java
+++ b/src/com/android/settings/vpn2/ConfigDialogFragment.java
@@ -176,9 +176,7 @@ public class ConfigDialogFragment extends DialogFragment implements
         try {
             LegacyVpnInfo connected = mService.getLegacyVpnInfo(UserHandle.myUserId());
             if (connected != null && profile.key.equals(connected.key)) {
-                VpnUtils.clearLockdownVpn(getContext());
-                mService.prepareVpn(VpnConfig.LEGACY_VPN, VpnConfig.LEGACY_VPN,
-                        UserHandle.myUserId());
+                VpnUtils.disconnectLegacyVpn(getContext());
             }
         } catch (RemoteException e) {
             Log.e(TAG, "Failed to disconnect", e);

diff --git a/src/com/android/settings/vpn2/VpnUtils.java b/src/com/android/settings/vpn2/VpnUtils.java
index 6afa79b..0e9a87e 100644 (file)
--- a/src/com/android/settings/vpn2/VpnUtils.java
+++ b/src/com/android/settings/vpn2/VpnUtils.java
@@ -17,8 +17,15 @@ package com.android.settings.vpn2;
 
 import android.content.Context;
 import android.net.ConnectivityManager;
+import android.net.IConnectivityManager;
+import android.os.RemoteException;
+import android.os.ServiceManager;
 import android.security.Credentials;
 import android.security.KeyStore;
+import android.util.Log;
+
+import com.android.internal.net.LegacyVpnInfo;
+import com.android.internal.net.VpnConfig;
 
 /**
  * Utility functions for vpn.
@@ -27,6 +34,8 @@ import android.security.KeyStore;
  */
 public class VpnUtils {
 
+    private static final String TAG = "VpnUtils";
+
     public static String getLockdownVpn() {
         final byte[] value = KeyStore.getInstance().get(Credentials.LOCKDOWN_VPN);
         return value == null ? null : new String(value);
@@ -48,4 +57,21 @@ public class VpnUtils {
     public static boolean isVpnLockdown(String key) {
         return key.equals(getLockdownVpn());
     }
+
+    public static boolean disconnectLegacyVpn(Context context) {
+        try {
+            int userId = context.getUserId();
+            IConnectivityManager connectivityService = IConnectivityManager.Stub
+                    .asInterface(ServiceManager.getService(Context.CONNECTIVITY_SERVICE));
+            LegacyVpnInfo currentLegacyVpn = connectivityService.getLegacyVpnInfo(userId);
+            if (currentLegacyVpn != null) {
+                clearLockdownVpn(context);
+                connectivityService.prepareVpn(null, VpnConfig.LEGACY_VPN, userId);
+                return true;
+            }
+        } catch (RemoteException e) {
+            Log.e(TAG, "Legacy VPN could not be disconnected", e);
+        }
+        return false;
+    }
 }