gronod/talk-android
1
0
Fork 1
mirror of https://github.com/nextcloud/talk-android synced 2025-07-20 19:25:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix ssl hostname verification

Browse Source 
Signed-off-by: Mario Danic <mario@lovelyhq.com>
This commit is contained in:
Mario Danic 2017-10-29 13:13:20 +01:00
parent 7225bf82a9
commit 49c8baabe3
1 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
app/src/main/java/com/nextcloud/talk/utils/ssl/MagicTrustManager.java
View File

@ -95,6 +95,13 @@ public class MagicTrustManager implements X509TrustManager {
systemTrustManager.checkServerTrusted(new X509Certificate[]{x509Certificate}, "generic"); systemTrustManager.checkServerTrusted(new X509Certificate[]{x509Certificate}, "generic");
return true; return true;
} catch (CertificateException e) { } catch (CertificateException e) {
return isCertInMagicTrustStore(x509Certificate);
}
}
return false;
}
private boolean isCertInMagicTrustStore(X509Certificate x509Certificate) {
if (trustedKeyStore != null) { if (trustedKeyStore != null) {
try { try {
if (trustedKeyStore.getCertificateAlias(x509Certificate) != null) { if (trustedKeyStore.getCertificateAlias(x509Certificate) != null) {
@ -105,8 +112,6 @@ public class MagicTrustManager implements X509TrustManager {
} }
} }
}
}
return false; return false;
} }
@ -157,7 +162,7 @@ public class MagicTrustManager implements X509TrustManager {
try { try {
X509Certificate[] certificates = (X509Certificate[]) sslSession.getPeerCertificates(); X509Certificate[] certificates = (X509Certificate[]) sslSession.getPeerCertificates();
if (certificates.length > 0 && certificates[0] != null) { if (certificates.length > 0 && certificates[0] != null && isCertInMagicTrustStore(certificates[0])) {
return true; return true;
} }
} catch (SSLPeerUnverifiedException e) { } catch (SSLPeerUnverifiedException e) {