commit 6795a2aeafa6df8a5e8e3045d29991d33c8db33f
author Robin Lee <rgl@google.com> Mon Jul 06 19:20:59 2015 -0700
committer Robin Lee <rgl@google.com> Fri Jul 10 21:22:46 2015 +0000
tree 59f8d8322410ef82e689e3eb19684cc974edd14f
parent 0c758805b385a5c136b21a2b38e2383c30665282

Check legacy VPN is connected before alerting

Legacy VPN does nothing if the device has no underlying network
connection, so showing this warning in that case is confusing.

Conversely third-party VPN can still be dangerous since a malicious
app will store sensitive information and upload it later.

Bug: 21499103
Change-Id: I25a0d4e1e5b10198cb067f06645f0e5ecf81bf56

packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java

diff --git a/packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java b/packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java
index b505d9d..6af9854 100644
--- a/packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java
+++ b/packages/SystemUI/src/com/android/systemui/statusbar/policy/SecurityControllerImpl.java
@@ -25,7 +25,9 @@
 import android.net.IConnectivityManager;
 import android.net.Network;
 import android.net.NetworkCapabilities;
+import android.net.NetworkInfo;
 import android.net.NetworkRequest;
+import android.os.Process;
 import android.os.RemoteException;
 import android.os.ServiceManager;
 import android.os.UserHandle;
@@ -34,6 +36,7 @@
 import android.util.Log;
 import android.util.SparseArray;
 
+import com.android.internal.net.LegacyVpnInfo;
 import com.android.internal.net.VpnConfig;
 import com.android.internal.net.VpnInfo;
 import com.android.systemui.R;
@@ -210,9 +213,17 @@
         try {
             for (UserInfo user : mUserManager.getUsers()) {
                 VpnConfig cfg = mConnectivityManagerService.getVpnConfig(user.id);
-                if (cfg != null) {
-                    vpns.put(user.id, cfg);
+                if (cfg == null) {
+                    continue;
+                } else if (cfg.legacy) {
+                    // Legacy VPNs should do nothing if the network is disconnected. Third-party
+                    // VPN warnings need to continue as traffic can still go to the app.
+                    LegacyVpnInfo legacyVpn = mConnectivityManagerService.getLegacyVpnInfo(user.id);
+                    if (legacyVpn == null || legacyVpn.state != LegacyVpnInfo.STATE_CONNECTED) {
+                        continue;
+                    }
                 }
+                vpns.put(user.id, cfg);
             }
         } catch (RemoteException rme) {
             // Roll back to previous state