gronod/talk-android
1
0
Fork 1
mirror of https://github.com/nextcloud/talk-android synced 2025-07-18 18:25:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix ssl hostname verification

Browse Source 
Signed-off-by: Mario Danic <mario@lovelyhq.com>
This commit is contained in:
Mario Danic 2017-10-29 13:13:20 +01:00
parent 7225bf82a9
commit 49c8baabe3
1 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
app/src/main/java/com/nextcloud/talk/utils/ssl/MagicTrustManager.java
View File

@ -95,21 +95,26 @@ public class MagicTrustManager implements X509TrustManager {
systemTrustManager.checkServerTrusted(new X509Certificate[]{x509Certificate}, "generic");
return true;
} catch (CertificateException e) {
if (trustedKeyStore != null) {
try {
if (trustedKeyStore.getCertificateAlias(x509Certificate) != null) {
return true;
}
} catch (KeyStoreException exception) {
return false;
}
}
return isCertInMagicTrustStore(x509Certificate);
}
}
return false;
}
private boolean isCertInMagicTrustStore(X509Certificate x509Certificate) {
if (trustedKeyStore != null) {
try {
if (trustedKeyStore.getCertificateAlias(x509Certificate) != null) {
return true;
}
} catch (KeyStoreException exception) {
return false;
}
}
return false;
}
public void addCertInTrustStore(X509Certificate x509Certificate) {
if (trustedKeyStore != null) {
try {
@ -157,7 +162,7 @@ public class MagicTrustManager implements X509TrustManager {
try {
X509Certificate[] certificates = (X509Certificate[]) sslSession.getPeerCertificates();
if (certificates.length > 0 && certificates[0] != null) {
if (certificates.length > 0 && certificates[0] != null && isCertInMagicTrustStore(certificates[0])) {
return true;
}
} catch (SSLPeerUnverifiedException e) {