Merge "VpnSettings: pass certificates to racoon directly."

author: Chia-chi Yeh <chiachi@android.com> 2011-07-07 14:29:12 -0700
committer: Android (Google) Code Review <android-gerrit@google.com> 2011-07-07 14:29:12 -0700
commit: 78c603747e04b50bdf9859cb97d1ae30c25dc03c (patch)
tree: 7071963de00340cd6ad67e20225334a14313b9ba /src/com/android
parent: 722934dbbc9c3aca86d5827453afa9f7d4c7b87f (diff)
parent: 413b171159cec5ad1e7b3cf4f1f842b5f2debc05 (diff)
download: packages_apps_Settings-78c603747e04b50bdf9859cb97d1ae30c25dc03c.zip
packages_apps_Settings-78c603747e04b50bdf9859cb97d1ae30c25dc03c.tar.gz
packages_apps_Settings-78c603747e04b50bdf9859cb97d1ae30c25dc03c.tar.bz2
2 files changed, 47 insertions, 16 deletions
diff --git a/src/com/android/settings/vpn2/VpnDialog.java b/src/com/android/settings/vpn2/VpnDialog.java
index b3609a6..4f9d0a2 100644
--- a/src/com/android/settings/vpn2/VpnDialog.java
+++ b/src/com/android/settings/vpn2/VpnDialog.java
@@ -197,6 +197,7 @@ class VpnDialog extends AlertDialog implements TextWatcher, OnItemSelectedListen
         // First, hide everything.
         mMppe.setVisibility(View.GONE);
         mView.findViewById(R.id.l2tp).setVisibility(View.GONE);
+        mView.findViewById(R.id.ipsec_id).setVisibility(View.GONE);
         mView.findViewById(R.id.ipsec_psk).setVisibility(View.GONE);
         mView.findViewById(R.id.ipsec_user).setVisibility(View.GONE);
         mView.findViewById(R.id.ipsec_ca).setVisibility(View.GONE);
@@ -206,11 +207,12 @@ class VpnDialog extends AlertDialog implements TextWatcher, OnItemSelectedListen
             case VpnProfile.TYPE_PPTP:
                 mMppe.setVisibility(View.VISIBLE);
                 break;
-
             case VpnProfile.TYPE_L2TP_IPSEC_PSK:
                 mView.findViewById(R.id.l2tp).setVisibility(View.VISIBLE);
-                // fall through
+                mView.findViewById(R.id.ipsec_psk).setVisibility(View.VISIBLE);
+                break;
             case VpnProfile.TYPE_IPSEC_XAUTH_PSK:
+                mView.findViewById(R.id.ipsec_id).setVisibility(View.VISIBLE);
                 mView.findViewById(R.id.ipsec_psk).setVisibility(View.VISIBLE);
                 break;
 
@@ -295,11 +297,12 @@ class VpnDialog extends AlertDialog implements TextWatcher, OnItemSelectedListen
             case VpnProfile.TYPE_PPTP:
                 profile.mppe = mMppe.isChecked();
                 break;
-
             case VpnProfile.TYPE_L2TP_IPSEC_PSK:
                 profile.l2tpSecret = getSecret(mProfile.l2tpSecret, mL2tpSecret);
-                // fall through
+                profile.ipsecSecret = getSecret(mProfile.ipsecSecret, mIpsecSecret);
+                break;
             case VpnProfile.TYPE_IPSEC_XAUTH_PSK:
+                profile.ipsecIdentifier = mIpsecIdentifier.getText().toString();
                 profile.ipsecSecret = getSecret(mProfile.ipsecSecret, mIpsecSecret);
                 break;
 
diff --git a/src/com/android/settings/vpn2/VpnSettings.java b/src/com/android/settings/vpn2/VpnSettings.java
index 7f6c9f4..f345c22 100644
--- a/src/com/android/settings/vpn2/VpnSettings.java
+++ b/src/com/android/settings/vpn2/VpnSettings.java
@@ -21,6 +21,7 @@ import com.android.settings.R;
 import android.content.Context;
 import android.content.DialogInterface;
 import android.net.IConnectivityManager;
+import android.net.LinkProperties;
 import android.os.Bundle;
 import android.os.Handler;
 import android.os.Message;
@@ -41,6 +42,7 @@ import com.android.internal.net.LegacyVpnInfo;
 import com.android.internal.net.VpnConfig;
 import com.android.settings.SettingsPreferenceFragment;
 
+import java.nio.charset.Charsets;
 import java.util.Arrays;
 import java.util.HashMap;
 
@@ -198,7 +200,11 @@ public class VpnSettings extends SettingsPreferenceFragment implements
 
             // If we are not editing, connect!
             if (!mDialog.isEditing()) {
-                connect(profile);
+                try {
+                    connect(profile);
+                } catch (Exception e) {
+                    Log.e(TAG, "connect", e);
+                }
             }
         }
     }
@@ -314,20 +320,45 @@ public class VpnSettings extends SettingsPreferenceFragment implements
         return true;
     }
 
-    private void connect(VpnProfile profile) {
+    private void connect(VpnProfile profile) throws Exception {
+        // Get the current active interface.
+        LinkProperties network = mService.getActiveLinkProperties();
+        String interfaze = (network == null) ? null : network.getInterfaceName();
+        if (interfaze == null) {
+            throw new IllegalStateException("Cannot get network interface");
+        }
+
+        // Load certificates.
+        String privateKey = "";
+        String userCert = "";
+        String caCert = "";
+        if (!profile.ipsecUserCert.isEmpty()) {
+            byte[] value = mKeyStore.get(Credentials.USER_PRIVATE_KEY + profile.ipsecUserCert);
+            privateKey = (value == null) ? null : new String(value, Charsets.UTF_8);
+            value = mKeyStore.get(Credentials.USER_CERTIFICATE + profile.ipsecUserCert);
+            userCert = (value == null) ? null : new String(value, Charsets.UTF_8);
+        }
+        if (!profile.ipsecCaCert.isEmpty()) {
+            byte[] value = mKeyStore.get(Credentials.CA_CERTIFICATE + profile.ipsecCaCert);
+            caCert = (value == null) ? null : new String(value, Charsets.UTF_8);
+        }
+        if (privateKey == null || userCert == null || caCert == null) {
+            // TODO: find out a proper way to handle this. Delete these keys?
+            throw new IllegalStateException("Cannot load credentials");
+        }
+        Log.i(TAG, userCert);
+
+        // Prepare arguments for racoon.
         String[] racoon = null;
         switch (profile.type) {
             case VpnProfile.TYPE_L2TP_IPSEC_PSK:
                 racoon = new String[] {
-                    profile.server, "1701", profile.ipsecSecret,
+                    interfaze, profile.server, "udppsk", "1701", profile.ipsecSecret,
                 };
                 break;
             case VpnProfile.TYPE_L2TP_IPSEC_RSA:
                 racoon = new String[] {
-                    profile.server, "1701",
-                    Credentials.USER_PRIVATE_KEY + profile.ipsecUserCert,
-                    Credentials.USER_CERTIFICATE + profile.ipsecUserCert,
-                    Credentials.CA_CERTIFICATE + profile.ipsecCaCert,
+                    interfaze, profile.server, "udprsa", "1701", privateKey, userCert, caCert,
                 };
                 break;
             case VpnProfile.TYPE_IPSEC_XAUTH_PSK:
@@ -338,6 +369,7 @@ public class VpnSettings extends SettingsPreferenceFragment implements
                 break;
         }
 
+        // Prepare arguments for mtpd.
         String[] mtpd = null;
         switch (profile.type) {
             case VpnProfile.TYPE_PPTP:
@@ -369,11 +401,7 @@ public class VpnSettings extends SettingsPreferenceFragment implements
             config.searchDomains = Arrays.asList(profile.searchDomains.split(" "));
         }
 
-        try {
-            mService.startLegacyVpn(config, racoon, mtpd);
-        } catch (Exception e) {
-            Log.e(TAG, "connect", e);
-        }
+        mService.startLegacyVpn(config, racoon, mtpd);
     }
 
     private void disconnect(String key) {
author	Chia-chi Yeh <chiachi@android.com>	2011-07-07 14:29:12 -0700
committer	Android (Google) Code Review <android-gerrit@google.com>	2011-07-07 14:29:12 -0700
commit	78c603747e04b50bdf9859cb97d1ae30c25dc03c (patch)
tree	7071963de00340cd6ad67e20225334a14313b9ba /src/com/android
parent	722934dbbc9c3aca86d5827453afa9f7d4c7b87f (diff)
parent	413b171159cec5ad1e7b3cf4f1f842b5f2debc05 (diff)
download	packages_apps_Settings-78c603747e04b50bdf9859cb97d1ae30c25dc03c.zip packages_apps_Settings-78c603747e04b50bdf9859cb97d1ae30c25dc03c.tar.gz packages_apps_Settings-78c603747e04b50bdf9859cb97d1ae30c25dc03c.tar.bz2