1 /* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.settings.vpn2; 18 19 import java.util.Arrays; 20 21 import android.app.Dialog; 22 import android.app.DialogFragment; 23 import android.content.Context; 24 import android.content.DialogInterface; 25 import android.net.ConnectivityManager; 26 import android.net.IConnectivityManager; 27 import android.os.Bundle; 28 import android.os.RemoteException; 29 import android.os.ServiceManager; 30 import android.os.UserHandle; 31 import android.security.Credentials; 32 import android.security.KeyStore; 33 import android.util.Log; 34 import android.widget.Toast; 35 36 import com.android.internal.net.LegacyVpnInfo; 37 import com.android.internal.net.VpnConfig; 38 import com.android.internal.net.VpnProfile; 39 import com.android.settings.R; 40 41 /** 42 * Fragment wrapper around a {@link ConfigDialog}. 43 */ 44 public class ConfigDialogFragment extends DialogFragment implements 45 DialogInterface.OnClickListener { 46 private static final String TAG_CONFIG_DIALOG = "vpnconfigdialog"; 47 private static final String TAG = "ConfigDialogFragment"; 48 49 private static final String ARG_PROFILE = "profile"; 50 private static final String ARG_EDITING = "editing"; 51 private static final String ARG_EXISTS = "exists"; 52 53 private final IConnectivityManager mService = IConnectivityManager.Stub.asInterface( 54 ServiceManager.getService(Context.CONNECTIVITY_SERVICE)); 55 56 private boolean mUnlocking = false; 57 show(VpnSettings parent, VpnProfile profile, boolean edit, boolean exists)58 public static void show(VpnSettings parent, VpnProfile profile, boolean edit, boolean exists) { 59 if (!parent.isAdded()) return; 60 61 Bundle args = new Bundle(); 62 args.putParcelable(ARG_PROFILE, profile); 63 args.putBoolean(ARG_EDITING, edit); 64 args.putBoolean(ARG_EXISTS, exists); 65 66 final ConfigDialogFragment frag = new ConfigDialogFragment(); 67 frag.setArguments(args); 68 frag.setTargetFragment(parent, 0); 69 frag.show(parent.getFragmentManager(), TAG_CONFIG_DIALOG); 70 } 71 72 @Override onResume()73 public void onResume() { 74 super.onResume(); 75 76 // Check KeyStore here, so others do not need to deal with it. 77 if (!KeyStore.getInstance().isUnlocked()) { 78 if (!mUnlocking) { 79 // Let us unlock KeyStore. See you later! 80 Credentials.getInstance().unlock(getActivity()); 81 } else { 82 // We already tried, but it is still not working! 83 dismiss(); 84 } 85 mUnlocking = !mUnlocking; 86 return; 87 } 88 89 // Now KeyStore is always unlocked. Reset the flag. 90 mUnlocking = false; 91 } 92 93 @Override onCreateDialog(Bundle savedInstanceState)94 public Dialog onCreateDialog(Bundle savedInstanceState) { 95 Bundle args = getArguments(); 96 VpnProfile profile = (VpnProfile) args.getParcelable(ARG_PROFILE); 97 boolean editing = args.getBoolean(ARG_EDITING); 98 boolean exists = args.getBoolean(ARG_EXISTS); 99 100 return new ConfigDialog(getActivity(), this, profile, editing, exists); 101 } 102 103 @Override onClick(DialogInterface dialogInterface, int button)104 public void onClick(DialogInterface dialogInterface, int button) { 105 ConfigDialog dialog = (ConfigDialog) getDialog(); 106 VpnProfile profile = dialog.getProfile(); 107 108 if (button == DialogInterface.BUTTON_POSITIVE) { 109 // Update KeyStore entry 110 KeyStore.getInstance().put(Credentials.VPN + profile.key, profile.encode(), 111 KeyStore.UID_SELF, /* flags */ 0); 112 113 // Flush out old version of profile 114 disconnect(profile); 115 116 updateLockdownVpn(dialog.isVpnAlwaysOn(), profile); 117 118 // If we are not editing, connect! 119 if (!dialog.isEditing() && !VpnUtils.isVpnLockdown(profile.key)) { 120 try { 121 connect(profile); 122 } catch (RemoteException e) { 123 Log.e(TAG, "Failed to connect", e); 124 } 125 } 126 } else if (button == DialogInterface.BUTTON_NEUTRAL) { 127 // Disable profile if connected 128 disconnect(profile); 129 130 // Delete from KeyStore 131 KeyStore keyStore = KeyStore.getInstance(); 132 keyStore.delete(Credentials.VPN + profile.key, KeyStore.UID_SELF); 133 134 updateLockdownVpn(false, profile); 135 } 136 dismiss(); 137 } 138 139 @Override onCancel(DialogInterface dialog)140 public void onCancel(DialogInterface dialog) { 141 dismiss(); 142 super.onCancel(dialog); 143 } 144 updateLockdownVpn(boolean isVpnAlwaysOn, VpnProfile profile)145 private void updateLockdownVpn(boolean isVpnAlwaysOn, VpnProfile profile) { 146 // Save lockdown vpn 147 if (isVpnAlwaysOn) { 148 // Show toast if vpn profile is not valid 149 if (!profile.isValidLockdownProfile()) { 150 Toast.makeText(getContext(), R.string.vpn_lockdown_config_error, 151 Toast.LENGTH_LONG).show(); 152 return; 153 } 154 155 final ConnectivityManager conn = ConnectivityManager.from(getActivity()); 156 conn.setAlwaysOnVpnPackageForUser(UserHandle.myUserId(), null, 157 /* lockdownEnabled */ false); 158 VpnUtils.setLockdownVpn(getContext(), profile.key); 159 } else { 160 // update only if lockdown vpn has been changed 161 if (VpnUtils.isVpnLockdown(profile.key)) { 162 VpnUtils.clearLockdownVpn(getContext()); 163 } 164 } 165 } 166 connect(VpnProfile profile)167 private void connect(VpnProfile profile) throws RemoteException { 168 try { 169 mService.startLegacyVpn(profile); 170 } catch (IllegalStateException e) { 171 Toast.makeText(getActivity(), R.string.vpn_no_network, Toast.LENGTH_LONG).show(); 172 } 173 } 174 disconnect(VpnProfile profile)175 private void disconnect(VpnProfile profile) { 176 try { 177 LegacyVpnInfo connected = mService.getLegacyVpnInfo(UserHandle.myUserId()); 178 if (connected != null && profile.key.equals(connected.key)) { 179 VpnUtils.clearLockdownVpn(getContext()); 180 mService.prepareVpn(VpnConfig.LEGACY_VPN, VpnConfig.LEGACY_VPN, 181 UserHandle.myUserId()); 182 } 183 } catch (RemoteException e) { 184 Log.e(TAG, "Failed to disconnect", e); 185 } 186 } 187 } 188