Home Explore Help
Sign In
SX_Cloud
/
space-android
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

fix rare case: ssl cert is ok for checkServer, but not for webview -> show untrustedDialog

tobiaskaminsky 7 years ago
parent
31547ccb14
commit
fe6a549532
2 changed files with 19 additions and 24 deletions
Unified View Show Diff Stats
  1. 16 21
      src/main/java/com/owncloud/android/authentication/AuthenticatorActivity.java
  2. 3 3
      src/main/java/com/owncloud/android/authentication/SsoWebViewClient.java

+ 16 - 21
src/main/java/com/owncloud/android/authentication/AuthenticatorActivity.java
View File 

@@ -52,7 +52,6 @@ import android.content.pm.ActivityInfo;
 
 import android.graphics.Rect;

 import android.graphics.Rect;

 import android.graphics.drawable.Drawable;

 import android.graphics.drawable.Drawable;

 import android.net.Uri;

 import android.net.Uri;

-import android.net.http.SslCertificate;

 import android.net.http.SslError;

 import android.net.http.SslError;

 import android.os.Build;

 import android.os.Build;

 import android.os.Bundle;

 import android.os.Bundle;

@@ -123,10 +122,6 @@ import com.owncloud.android.ui.dialog.SslUntrustedCertDialog.OnSslUntrustedCertL
 
 import com.owncloud.android.utils.AnalyticsUtils;

 import com.owncloud.android.utils.AnalyticsUtils;

 import com.owncloud.android.utils.DisplayUtils;

 import com.owncloud.android.utils.DisplayUtils;

 

 

-import java.io.ByteArrayInputStream;

-import java.security.cert.Certificate;

-import java.security.cert.CertificateException;

-import java.security.cert.CertificateFactory;

 import java.security.cert.X509Certificate;

 import java.security.cert.X509Certificate;

 import java.util.HashMap;

 import java.util.HashMap;

 import java.util.Map;

 import java.util.Map;

@@ -400,13 +395,13 @@ public class AuthenticatorActivity extends AccountAuthenticatorActivity
 
 

 

             @Override

             @Override

             public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {

             public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {

-                Certificate cert = getX509Certificate(error.getCertificate());

+                X509Certificate cert = SsoWebViewClient.getX509CertificateFromError(error);

 

 

                 try {

                 try {

                     if (cert != null && NetworkUtils.isCertInKnownServersStore(cert, getApplicationContext())) {

                     if (cert != null && NetworkUtils.isCertInKnownServersStore(cert, getApplicationContext())) {

                         handler.proceed();

                         handler.proceed();

                     } else {

                     } else {

-                        handler.cancel();

+                        showUntrustedCertDialog(cert, error, handler);

                     }

                     }

                 } catch (Exception e) {

                 } catch (Exception e) {

                     Log_OC.e(TAG, "Cert could not be verified");

                     Log_OC.e(TAG, "Cert could not be verified");

@@ -421,20 +416,20 @@ public class AuthenticatorActivity extends AccountAuthenticatorActivity
 
         });

         });

     }

     }

 

 

-    private Certificate getX509Certificate(SslCertificate sslCertificate) {

-        Bundle bundle = SslCertificate.saveState(sslCertificate);

-        byte[] bytes = bundle.getByteArray("x509-certificate");

-        if (bytes == null) {

-            return null;

-        } else {

-            try {

-                CertificateFactory certFactory = CertificateFactory.getInstance("X.509");

-                return certFactory.generateCertificate(new ByteArrayInputStream(bytes));

-            } catch (CertificateException e) {

-                return null;

-            }

-        }

-    }

+//    private Certificate getX509Certificate(SslCertificate sslCertificate) {

+//        Bundle bundle = SslCertificate.saveState(sslCertificate);

+//        byte[] bytes = bundle.getByteArray("x509-certificate");

+//        if (bytes == null) {

+//            return null;

+//        } else {

+//            try {

+//                CertificateFactory certFactory = CertificateFactory.getInstance("X.509");

+//                return certFactory.generateCertificate(new ByteArrayInputStream(bytes));

+//            } catch (CertificateException e) {

+//                return null;

+//            }

+//        }

+//    }

 

 

     private void parseAndLoginFromWebView(String dataString) {

     private void parseAndLoginFromWebView(String dataString) {

         String prefix = getString(R.string.login_data_own_scheme) + PROTOCOL_SUFFIX + "login/";

         String prefix = getString(R.string.login_data_own_scheme) + PROTOCOL_SUFFIX + "login/";

+ 3 - 3
src/main/java/com/owncloud/android/authentication/SsoWebViewClient.java
View File 

@@ -63,7 +63,7 @@ public class SsoWebViewClient extends WebViewClient {
 
     private String mLastReloadedUrlAtError;
 
     private String mLastReloadedUrlAtError;
 
     
     
     public interface SsoWebViewClientListener {
 
     public interface SsoWebViewClientListener {
 
-        public void onSsoFinished(String sessionCookie);
 
+        void onSsoFinished(String sessionCookie);
 
     }
 
     }
 
 
 
     public SsoWebViewClient (Context context, Handler listenerHandler, SsoWebViewClientListener listener) {
 
     public SsoWebViewClient (Context context, Handler listenerHandler, SsoWebViewClientListener listener) {
 
@@ -148,7 +148,7 @@ public class SsoWebViewClient extends WebViewClient {
 
         
         
         if (x509Certificate != null) {
 
         if (x509Certificate != null) {
 
             try {
 
             try {
 
-                isKnownServer = NetworkUtils.isCertInKnownServersStore((Certificate) x509Certificate, mContext);
 
+                isKnownServer = NetworkUtils.isCertInKnownServersStore(x509Certificate, mContext);
 
             } catch (Exception e) {
 
             } catch (Exception e) {
 
                 Log_OC.e(TAG, "Exception: " + e.getMessage());
 
                 Log_OC.e(TAG, "Exception: " + e.getMessage());
 
             }
 
             }
 
@@ -166,7 +166,7 @@ public class SsoWebViewClient extends WebViewClient {
 
      * @param   error     SslError
 
      * @param   error     SslError
 
      * @return  X509Certificate from error
 
      * @return  X509Certificate from error
 
      */
 
      */
 
-    public X509Certificate getX509CertificateFromError (SslError error) {
 
+    public static X509Certificate getX509CertificateFromError(SslError error) {
 
         Bundle bundle = SslCertificate.saveState(error.getCertificate());
 
         Bundle bundle = SslCertificate.saveState(error.getCertificate());
 
         X509Certificate x509Certificate;
 
         X509Certificate x509Certificate;
 
         byte[] bytes = bundle.getByteArray("x509-certificate");
 
         byte[] bytes = bundle.getByteArray("x509-certificate");