From 9bc2f472e9cf204c737025b5d7101ba16c43b356 Mon Sep 17 00:00:00 2001
From: Christopher Tate <ctate@google.com>
Date: Tue, 17 Nov 2015 18:01:52 -0800
Subject: [PATCH] Don't back up / restore EAP network definitions

Bug 25725016

Change-Id: Idfef9dd53f2403bbe4c950493a0ab8fa66a3b7d4
---
 .../settings/SettingsBackupAgent.java         | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsBackupAgent.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsBackupAgent.java
index b9a9c24576fcb..2e96f18bedb21 100644
--- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsBackupAgent.java
+++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsBackupAgent.java
@@ -159,6 +159,7 @@ public class SettingsBackupAgent extends BackupAgentHelper {
         String key_mgmt = "";
         boolean certUsed = false;
         boolean hasWepKey = false;
+        boolean isEap = false;
         final ArrayList<String> rawLines = new ArrayList<String>();
 
         public static Network readFromStream(BufferedReader in) {
@@ -189,6 +190,9 @@ public class SettingsBackupAgent extends BackupAgentHelper {
                 ssid = line;
             } else if (line.startsWith("key_mgmt=")) {
                 key_mgmt = line;
+                if (line.contains("EAP")) {
+                    isEap = true;
+                }
             } else if (line.startsWith("client_cert=")) {
                 certUsed = true;
             } else if (line.startsWith("ca_cert=")) {
@@ -197,6 +201,8 @@ public class SettingsBackupAgent extends BackupAgentHelper {
                 certUsed = true;
             } else if (line.startsWith("wep_")) {
                 hasWepKey = true;
+            } else if (line.startsWith("eap=")) {
+                isEap = true;
             }
         }
 
@@ -325,6 +331,13 @@ public class SettingsBackupAgent extends BackupAgentHelper {
                                     continue;
                                 }
                             }
+                            // Don't propagate EAP network definitions
+                            if (net.isEap) {
+                                if (DEBUG_BACKUP) {
+                                    Log.v(TAG, "Skipping EAP network " + net.ssid + " / " + net.key_mgmt);
+                                }
+                                continue;
+                            }
                             if (! mKnownNetworks.contains(net)) {
                                 if (DEBUG_BACKUP) {
                                     Log.v(TAG, "Adding " + net.ssid + " / " + net.key_mgmt);
@@ -353,6 +366,12 @@ public class SettingsBackupAgent extends BackupAgentHelper {
                     continue;
                 }
 
+                if (net.isEap) {
+                    // Similarly, omit EAP network definitions to avoid propagating
+                    // controlled enterprise network definitions.
+                    continue;
+                }
+
                 net.write(w);
             }
         }