
Implement magic hostname verifier

Signed-off-by: Mario Danic <mario@lovelyhq.com>
Mario Danic 7 years ago
parent
commit
734f4f5f5c

+ 2 - 1
app/src/main/java/com/nextcloud/talk/dagger/modules/RestModule.java

@@ -125,7 +125,7 @@ public class RestModule {
         }
 
         httpClient.sslSocketFactory(sslSocketFactoryCompat, magicTrustManager);
-        httpClient.hostnameVerifier(OkHostnameVerifier.INSTANCE);
+        httpClient.hostnameVerifier(magicTrustManager.getHostnameVerifier(OkHostnameVerifier.INSTANCE));
 
         if (!Proxy.NO_PROXY.equals(proxy)) {
             httpClient.proxy(proxy);
@@ -167,6 +167,7 @@ public class RestModule {
                     return null;
                 }
             }
+
             return response.request().newBuilder()
                     .header("Proxy-Authorization", credentials)
                     .build();

+ 40 - 0
app/src/main/java/com/nextcloud/talk/utils/ssl/MagicTrustManager.java

@@ -35,10 +35,14 @@ import java.security.KeyStoreException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.SSLSession;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.X509TrustManager;
 
+
 public class MagicTrustManager implements X509TrustManager {
     private static final String TAG = "MagicTrustManager";
 
@@ -46,6 +50,12 @@ public class MagicTrustManager implements X509TrustManager {
     private X509TrustManager systemTrustManager = null;
     private KeyStore trustedKeyStore = null;
 
+    private HostnameVerifier hostnameVerifier;
+
+    public HostnameVerifier getHostnameVerifier(HostnameVerifier defaultHostNameVerifier) {
+        return new MagicHostnameVerifier(defaultHostNameVerifier);
+    }
+
     public MagicTrustManager() {
         keystoreFile = new File(NextcloudTalkApplication.getSharedApplication().getDir("CertsKeystore",
                 Context.MODE_PRIVATE), "keystore.bks");
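Review bot: The new field `private HostnameVerifier hostnameVerifier;` is never assigned or read in the lines shown, while `getHostnameVerifier` builds a fresh `MagicHostnameVerifier` on every call; either drop the field or use it to cache the instance. The method also lacks Javadoc, and a comment such as `/** Wraps the given verifier; the result may accept hosts the argument rejects. */` would tell callers that the returned verifier is more permissive than the one they pass in. The constructor that follows continues outside the hunk.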
@@ -130,4 +140,34 @@ public class MagicTrustManager implements X509TrustManager {
     public X509Certificate[] getAcceptedIssuers() {
         return new X509Certificate[0];
     }
+
+    private class MagicHostnameVerifier implements HostnameVerifier {
+        private static final String TAG = "MagicHostnameVerifier";
+        private HostnameVerifier defaultHostNameVerifier;
+
+        public MagicHostnameVerifier(HostnameVerifier defaultHostNameVerifier) {
+            this.defaultHostNameVerifier = defaultHostNameVerifier;
+        }
+
+        @Override
+        public boolean verify(String s, SSLSession sslSession) {
+
+            if (defaultHostNameVerifier.verify(s, sslSession)) {
+                return true;
+            }
+
+
+            try {
+                X509Certificate[] certificates = (X509Certificate[]) sslSession.getPeerCertificates();
+                if (certificates.length > 0 && certificates[0] != null) {
+                    return true;
+                }
+            } catch (SSLPeerUnverifiedException e) {
+                Log.d(TAG, "Couldn't get certificate for host name verification");
+            }
+
+            return false;
+        }
+    }
+
 }
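Review bot: In `MagicHostnameVerifier.verify`, the fallback after a failed default check returns true as soon as `getPeerCertificates()` yields a non-null first certificate, so the certificate is never compared with `s`. The verifier that RestModule now installs therefore accepts a name mismatch for every host whose chain passed the trust manager. The fallback should accept a mismatch only when the leaf certificate is one the user has stored, for example by looking it up in `trustedKeyStore` (assuming that keystore holds the explicitly accepted certificates, which these hunks do not show). The array cast to `X509Certificate[]` can also throw `ClassCastException` if the session returns a plain `Certificate[]`; reading it as `Certificate[]` (which needs the `java.security.cert.Certificate` import) and checking the element type avoids that. `defaultHostNameVerifier` can be `final`.

```java
        @Override
        public boolean verify(String s, SSLSession sslSession) {
            // … unchanged: return true when defaultHostNameVerifier accepts the host …

            try {
                Certificate[] certificates = sslSession.getPeerCertificates();
                // A name mismatch is tolerated only for a leaf certificate already present
                // in the user's keystore, never for an arbitrary trusted chain.
                if (certificates.length > 0
                        && certificates[0] instanceof X509Certificate
                        && trustedKeyStore != null) {
                    return trustedKeyStore.getCertificateAlias(certificates[0]) != null;
                }
            } catch (SSLPeerUnverifiedException | KeyStoreException e) {
                Log.d(TAG, "Couldn't get certificate for host name verification");
            }

            return false;
        }
```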