Fix EAP-TLS reconnect after reboot issue

After a reboot, KeyStore is locked, and certificates encrypted with user PIN are not accessible. So statemachines are not able to connect to EAP-TLS networks. This change makes the problem less severe by 1. Not signing certificates with user PIN on devices with hardware backed KeyStore. 2. Issuing a reconnect upon first USER_PRESENT event. This means HH (which has a hardware backed keystore) can connect to EAP-TLS networks without requiring user intervention and other devices will automatically connect to those networks after user punches PIN. Bug: 10325089 Change-Id: I023d60e58d8214152f051bd9ec84b85b702d829a
author: Vinit Deshapnde <vinitd@google.com> 2013-10-02 17:26:05 -0700
committer: Vinit Deshapnde <vinitd@google.com> 2013-10-02 17:26:05 -0700
commit: a3038b2b311cd07d851c404ccc5df2f4e07bcfd8 (patch)
tree: 6099aefba7430212240b6aeb356bee9b7feb6211 /services
parent: d6957d5f8ddf3b542996955bf2d6efe0e9804ef4 (diff)
download: frameworks_base-a3038b2b311cd07d851c404ccc5df2f4e07bcfd8.zip
frameworks_base-a3038b2b311cd07d851c404ccc5df2f4e07bcfd8.tar.gz
frameworks_base-a3038b2b311cd07d851c404ccc5df2f4e07bcfd8.tar.bz2
2 files changed, 18 insertions, 0 deletions
diff --git a/services/java/com/android/server/wifi/WifiController.java b/services/java/com/android/server/wifi/WifiController.java
index 87b4394..a3d514e 100644
--- a/services/java/com/android/server/wifi/WifiController.java
+++ b/services/java/com/android/server/wifi/WifiController.java
@@ -57,6 +57,7 @@ class WifiController extends StateMachine {
     private int mStayAwakeConditions;
     private long mIdleMillis;
     private int mSleepPolicy;
+    private boolean mFirstUserSignOnSeen = false;
 
     private AlarmManager mAlarmManager;
     private PendingIntent mIdleIntent;
@@ -113,6 +114,7 @@ class WifiController extends StateMachine {
     static final int CMD_AIRPLANE_TOGGLED           = BASE + 9;
     static final int CMD_SET_AP                     = BASE + 10;
     static final int CMD_DEFERRED_TOGGLE            = BASE + 11;
+    static final int CMD_USER_PRESENT               = BASE + 12;
 
     private DefaultState mDefaultState = new DefaultState();
     private StaEnabledState mStaEnabledState = new StaEnabledState();
@@ -361,6 +363,9 @@ class WifiController extends StateMachine {
                 case CMD_AIRPLANE_TOGGLED:
                 case CMD_EMERGENCY_MODE_CHANGED:
                     break;
+                case CMD_USER_PRESENT:
+                    mFirstUserSignOnSeen = true;
+                    break;
                 case CMD_DEFERRED_TOGGLE:
                     log("DEFERRED_TOGGLE ignored due to state change");
                     break;
@@ -639,6 +644,15 @@ class WifiController extends StateMachine {
             if (msg.what == CMD_DEVICE_IDLE) {
                 checkLocksAndTransitionWhenDeviceIdle();
                 // We let default state handle the rest of work
+            } else if (msg.what == CMD_USER_PRESENT) {
+                // TLS networks can't connect until user unlocks keystore. KeyStore
+                // unlocks when the user punches PIN after the reboot. So use this
+                // trigger to get those networks connected.
+                if (mFirstUserSignOnSeen == false) {
+                    mWifiStateMachine.reloadTlsNetworksAndReconnect();
+                }
+                mFirstUserSignOnSeen = true;
+                return HANDLED;
             }
             return NOT_HANDLED;
         }
diff --git a/services/java/com/android/server/wifi/WifiService.java b/services/java/com/android/server/wifi/WifiService.java
index f93a45b..86c68f3 100644
--- a/services/java/com/android/server/wifi/WifiService.java
+++ b/services/java/com/android/server/wifi/WifiService.java
@@ -83,6 +83,7 @@ import static com.android.server.wifi.WifiController.CMD_SCAN_ALWAYS_MODE_CHANGE
 import static com.android.server.wifi.WifiController.CMD_SCREEN_OFF;
 import static com.android.server.wifi.WifiController.CMD_SCREEN_ON;
 import static com.android.server.wifi.WifiController.CMD_SET_AP;
+import static com.android.server.wifi.WifiController.CMD_USER_PRESENT;
 import static com.android.server.wifi.WifiController.CMD_WIFI_TOGGLED;
 /**
  * WifiService handles remote WiFi operation requests by implementing
@@ -1084,6 +1085,8 @@ public final class WifiService extends IWifiManager.Stub {
             String action = intent.getAction();
             if (action.equals(Intent.ACTION_SCREEN_ON)) {
                 mWifiController.sendMessage(CMD_SCREEN_ON);
+            } else if (action.equals(Intent.ACTION_USER_PRESENT)) {
+                mWifiController.sendMessage(CMD_USER_PRESENT);
             } else if (action.equals(Intent.ACTION_SCREEN_OFF)) {
                 mWifiController.sendMessage(CMD_SCREEN_OFF);
             } else if (action.equals(Intent.ACTION_BATTERY_CHANGED)) {
@@ -1120,6 +1123,7 @@ public final class WifiService extends IWifiManager.Stub {
     private void registerForBroadcasts() {
         IntentFilter intentFilter = new IntentFilter();
         intentFilter.addAction(Intent.ACTION_SCREEN_ON);
+        intentFilter.addAction(Intent.ACTION_USER_PRESENT);
         intentFilter.addAction(Intent.ACTION_SCREEN_OFF);
         intentFilter.addAction(Intent.ACTION_BATTERY_CHANGED);
         intentFilter.addAction(WifiManager.NETWORK_STATE_CHANGED_ACTION);
author	Vinit Deshapnde <vinitd@google.com>	2013-10-02 17:26:05 -0700
committer	Vinit Deshapnde <vinitd@google.com>	2013-10-02 17:26:05 -0700
commit	a3038b2b311cd07d851c404ccc5df2f4e07bcfd8 (patch)
tree	6099aefba7430212240b6aeb356bee9b7feb6211 /services
parent	d6957d5f8ddf3b542996955bf2d6efe0e9804ef4 (diff)
download	frameworks_base-a3038b2b311cd07d851c404ccc5df2f4e07bcfd8.zip frameworks_base-a3038b2b311cd07d851c404ccc5df2f4e07bcfd8.tar.gz frameworks_base-a3038b2b311cd07d851c404ccc5df2f4e07bcfd8.tar.bz2