Implement magic hostname verifier

Signed-off-by: Mario Danic <mario@lovelyhq.com>
Mario Danic 2017-10-29 12:32:36 +01:00
parent f571244e62
commit 734f4f5f5c
2 changed files with 42 additions and 1 deletions


@ -125,7 +125,7 @@ public class RestModule {
} }
httpClient.sslSocketFactory(sslSocketFactoryCompat, magicTrustManager); httpClient.sslSocketFactory(sslSocketFactoryCompat, magicTrustManager);
httpClient.hostnameVerifier(OkHostnameVerifier.INSTANCE); httpClient.hostnameVerifier(magicTrustManager.getHostnameVerifier(OkHostnameVerifier.INSTANCE));
if (!Proxy.NO_PROXY.equals(proxy)) { if (!Proxy.NO_PROXY.equals(proxy)) {
httpClient.proxy(proxy); httpClient.proxy(proxy);
@ -167,6 +167,7 @@ public class RestModule {
return null; return null;
} }
} }
return response.request().newBuilder() return response.request().newBuilder()
.header("Proxy-Authorization", credentials) .header("Proxy-Authorization", credentials)
.build(); .build();
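Review bot: The `httpClient.hostnameVerifier(...)` call in the first hunk now installs a wrapper whose fallback applies to every request made through this client, and nothing at the call site says that a rejection by `OkHostnameVerifier` is no longer final. I would add a comment above it such as `// Name mismatches are re-checked by MagicTrustManager's verifier; keep that fallback limited to user-accepted certificates`. The surrounding method starts and ends outside the hunk, so whether this builder is shared by all network calls cannot be confirmed from here.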


@ -35,10 +35,14 @@ import java.security.KeyStoreException;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager; import javax.net.ssl.X509TrustManager;
public class MagicTrustManager implements X509TrustManager { public class MagicTrustManager implements X509TrustManager {
private static final String TAG = "MagicTrustManager"; private static final String TAG = "MagicTrustManager";
@ -46,6 +50,12 @@ public class MagicTrustManager implements X509TrustManager {
private X509TrustManager systemTrustManager = null; private X509TrustManager systemTrustManager = null;
private KeyStore trustedKeyStore = null; private KeyStore trustedKeyStore = null;
private HostnameVerifier hostnameVerifier;
public HostnameVerifier getHostnameVerifier(HostnameVerifier defaultHostNameVerifier) {
return new MagicHostnameVerifier(defaultHostNameVerifier);
}
public MagicTrustManager() { public MagicTrustManager() {
keystoreFile = new File(NextcloudTalkApplication.getSharedApplication().getDir("CertsKeystore", keystoreFile = new File(NextcloudTalkApplication.getSharedApplication().getDir("CertsKeystore",
Context.MODE_PRIVATE), "keystore.bks"); Context.MODE_PRIVATE), "keystore.bks");
@ -130,4 +140,34 @@ public class MagicTrustManager implements X509TrustManager {
public X509Certificate[] getAcceptedIssuers() { public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0]; return new X509Certificate[0];
} }
private class MagicHostnameVerifier implements HostnameVerifier {
private static final String TAG = "MagicHostnameVerifier";
private HostnameVerifier defaultHostNameVerifier;
public MagicHostnameVerifier(HostnameVerifier defaultHostNameVerifier) {
this.defaultHostNameVerifier = defaultHostNameVerifier;
}
@Override
public boolean verify(String s, SSLSession sslSession) {
if (defaultHostNameVerifier.verify(s, sslSession)) {
return true;
}
try {
X509Certificate[] certificates = (X509Certificate[]) sslSession.getPeerCertificates();
if (certificates.length > 0 && certificates[0] != null) {
return true;
}
} catch (SSLPeerUnverifiedException e) {
Log.d(TAG, "Couldn't get certificate for host name verification");
}
return false;
}
}
} }
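Review bot: `MagicHostnameVerifier.verify` returns true for any session whose peer presented a certificate once `defaultHostNameVerifier` has rejected the name, so a name mismatch can never fail the connection and hostname verification is in effect switched off. The fallback should accept only a leaf certificate the user has already stored in `trustedKeyStore`, and ideally one recorded for this specific host name `s`, since a certificate accepted for one server would otherwise also pass for any other. `checkServerTrusted` lies outside the shown hunks, so whether chain validation narrows this elsewhere cannot be confirmed from here. Separately, the new field `hostnameVerifier` is never assigned or read in the visible code and can be dropped.

```java
public boolean verify(String s, SSLSession sslSession) {
    // … unchanged: defaultHostNameVerifier check …
    try {
        X509Certificate[] certificates = (X509Certificate[]) sslSession.getPeerCertificates();
        // A mismatched name is tolerated only for a leaf the user already stored.
        if (certificates.length > 0 && certificates[0] != null
                && trustedKeyStore != null
                && trustedKeyStore.getCertificateAlias(certificates[0]) != null) {
            return true;
        }
    } catch (SSLPeerUnverifiedException | KeyStoreException e) {
        Log.d(TAG, "Couldn't get certificate for host name verification");
    }
    // … unchanged: return false …
```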