Merge "Clear VPN after Clear credentials if VPN is being established"

    <!-- Toast message when there is no network connection to start VPN. [CHAR LIMIT=100] -->

    <!-- Toast message when there is no network connection to start VPN. [CHAR LIMIT=100] -->

    <string name="vpn_no_network">There is no network connection. Please try again later.</string>

    <string name="vpn_no_network">There is no network connection. Please try again later.</string>

    <!-- Toast message when VPN has disconnected automatically due to Clear credentials. [CHAR LIMIT=NONE] -->

    <string name="vpn_disconnected">Disconnected from VPN</string>

    <!-- Toast message when a certificate is missing. [CHAR LIMIT=100] -->

    <!-- Toast message when a certificate is missing. [CHAR LIMIT=100] -->

    <string name="vpn_missing_cert">A certificate is missing. Please edit the profile.</string>

    <string name="vpn_missing_cert">A certificate is missing. Please edit the profile.</string>

import com.android.internal.widget.LockPatternUtils;

import com.android.internal.widget.LockPatternUtils;

import com.android.org.bouncycastle.asn1.ASN1InputStream;

import com.android.org.bouncycastle.asn1.ASN1InputStream;

import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;

import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;

import com.android.settings.vpn2.VpnUtils;

import sun.security.util.ObjectIdentifier;

import sun.security.util.ObjectIdentifier;

import sun.security.x509.AlgorithmId;

import sun.security.x509.AlgorithmId;

            if (success) {

            if (success) {

                Toast.makeText(CredentialStorage.this,

                Toast.makeText(CredentialStorage.this,

                               R.string.credentials_erased, Toast.LENGTH_SHORT).show();

                               R.string.credentials_erased, Toast.LENGTH_SHORT).show();

                clearLegacyVpnIfEstablished();

            } else {

            } else {

                Toast.makeText(CredentialStorage.this,

                Toast.makeText(CredentialStorage.this,

                               R.string.credentials_not_erased, Toast.LENGTH_SHORT).show();

                               R.string.credentials_not_erased, Toast.LENGTH_SHORT).show();

        }

        }

    }

    }

    private void clearLegacyVpnIfEstablished() {

        boolean isDone = VpnUtils.disconnectLegacyVpn(getApplicationContext());

        if (isDone) {

            Toast.makeText(CredentialStorage.this, R.string.vpn_disconnected,

                    Toast.LENGTH_SHORT).show();

        }

    }

    /**

    /**

     * Prompt for key guard configuration confirmation.

     * Prompt for key guard configuration confirmation.

     */

     */

        try {

        try {

            LegacyVpnInfo connected = mService.getLegacyVpnInfo(UserHandle.myUserId());

            LegacyVpnInfo connected = mService.getLegacyVpnInfo(UserHandle.myUserId());

            if (connected != null && profile.key.equals(connected.key)) {

            if (connected != null && profile.key.equals(connected.key)) {

                VpnUtils.clearLockdownVpn(getContext());

                VpnUtils.disconnectLegacyVpn(getContext());

                mService.prepareVpn(VpnConfig.LEGACY_VPN, VpnConfig.LEGACY_VPN,

                        UserHandle.myUserId());

            }

            }

        } catch (RemoteException e) {

        } catch (RemoteException e) {

            Log.e(TAG, "Failed to disconnect", e);

            Log.e(TAG, "Failed to disconnect", e);

import android.content.Context;

import android.content.Context;

import android.net.ConnectivityManager;

import android.net.ConnectivityManager;

import android.net.IConnectivityManager;

import android.os.RemoteException;

import android.os.ServiceManager;

import android.security.Credentials;

import android.security.Credentials;

import android.security.KeyStore;

import android.security.KeyStore;

import android.util.Log;

import com.android.internal.net.LegacyVpnInfo;

import com.android.internal.net.VpnConfig;

/**

/**

 * Utility functions for vpn.

 * Utility functions for vpn.

 */

 */

public class VpnUtils {

public class VpnUtils {

    private static final String TAG = "VpnUtils";

    public static String getLockdownVpn() {

    public static String getLockdownVpn() {

        final byte[] value = KeyStore.getInstance().get(Credentials.LOCKDOWN_VPN);

        final byte[] value = KeyStore.getInstance().get(Credentials.LOCKDOWN_VPN);

        return value == null ? null : new String(value);

        return value == null ? null : new String(value);

    public static boolean isVpnLockdown(String key) {

    public static boolean isVpnLockdown(String key) {

        return key.equals(getLockdownVpn());

        return key.equals(getLockdownVpn());

    }

    }

    public static boolean disconnectLegacyVpn(Context context) {

        try {

            int userId = context.getUserId();

            IConnectivityManager connectivityService = IConnectivityManager.Stub

                    .asInterface(ServiceManager.getService(Context.CONNECTIVITY_SERVICE));

            LegacyVpnInfo currentLegacyVpn = connectivityService.getLegacyVpnInfo(userId);

            if (currentLegacyVpn != null) {

                clearLockdownVpn(context);

                connectivityService.prepareVpn(null, VpnConfig.LEGACY_VPN, userId);

                return true;

            }

        } catch (RemoteException e) {

            Log.e(TAG, "Legacy VPN could not be disconnected", e);

        }

        return false;

    }

}

}