moparisthebest
/
k-9
mirror of https://github.com/moparisthebest/k-9
1
0
Fork 0
Code Issues Releases Wiki Activity

Remove SimpleX509TrustManager because it's no longer used

This commit is contained in:
cketti 2014-03-05 06:03:06 +01:00
parent 75fc76773d
commit 617123c58b
6 changed files with 21 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/com/fsck/k9/mail/store/ImapStore.java
View File

@ -2425,7 +2425,7 @@ public class ImapStore extends Store {
.init(null, .init(null,
new TrustManager[] { TrustManagerFactory.get( new TrustManager[] { TrustManagerFactory.get(
mSettings.getHost(), mSettings.getHost(),
mSettings.getPort(), true) }, mSettings.getPort()) },
new SecureRandom()); new SecureRandom());
mSocket = TrustedSocketFactory.createSocket(sslContext); mSocket = TrustedSocketFactory.createSocket(sslContext);
} else { } else {
@ -2480,7 +2480,7 @@ public class ImapStore extends Store {
sslContext.init(null, sslContext.init(null,
new TrustManager[] { TrustManagerFactory.get( new TrustManager[] { TrustManagerFactory.get(
mSettings.getHost(), mSettings.getHost(),
mSettings.getPort(), true) }, mSettings.getPort()) },
new SecureRandom()); new SecureRandom());
mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket,
mSettings.getHost(), mSettings.getPort(), true); mSettings.getHost(), mSettings.getPort(), true);

4
src/com/fsck/k9/mail/store/Pop3Store.java
View File

@ -304,7 +304,7 @@ public class Pop3Store extends Store {
SSLContext sslContext = SSLContext.getInstance("TLS"); SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, sslContext.init(null,
new TrustManager[] { TrustManagerFactory.get(mHost, new TrustManager[] { TrustManagerFactory.get(mHost,
mPort, true) }, new SecureRandom()); mPort) }, new SecureRandom());
mSocket = TrustedSocketFactory.createSocket(sslContext); mSocket = TrustedSocketFactory.createSocket(sslContext);
} else { } else {
mSocket = new Socket(); mSocket = new Socket();
@ -330,7 +330,7 @@ public class Pop3Store extends Store {
SSLContext sslContext = SSLContext.getInstance("TLS"); SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, sslContext.init(null,
new TrustManager[] { TrustManagerFactory.get( new TrustManager[] { TrustManagerFactory.get(
mHost, mPort, true) }, mHost, mPort) },
new SecureRandom()); new SecureRandom());
mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, mHost, mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, mHost,
mPort, true); mPort, true);

2
src/com/fsck/k9/mail/store/WebDavSocketFactory.java
View File

@ -31,7 +31,7 @@ public class WebDavSocketFactory implements LayeredSocketFactory {
public WebDavSocketFactory(String host, int port, boolean secure) throws NoSuchAlgorithmException, KeyManagementException { public WebDavSocketFactory(String host, int port, boolean secure) throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sslContext = SSLContext.getInstance("TLS"); SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, new TrustManager[] { sslContext.init(null, new TrustManager[] {
TrustManagerFactory.get(host, port, secure) TrustManagerFactory.get(host, port)
}, new SecureRandom()); }, new SecureRandom());
mSocketFactory = sslContext.getSocketFactory(); mSocketFactory = sslContext.getSocketFactory();
mSchemeSocketFactory = org.apache.http.conn.ssl.SSLSocketFactory.getSocketFactory(); mSchemeSocketFactory = org.apache.http.conn.ssl.SSLSocketFactory.getSocketFactory();

4
src/com/fsck/k9/mail/transport/SmtpTransport.java
View File

@ -206,7 +206,7 @@ public class SmtpTransport extends Transport {
SSLContext sslContext = SSLContext.getInstance("TLS"); SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, sslContext.init(null,
new TrustManager[] { TrustManagerFactory.get( new TrustManager[] { TrustManagerFactory.get(
mHost, mPort, true) }, mHost, mPort) },
new SecureRandom()); new SecureRandom());
mSocket = TrustedSocketFactory.createSocket(sslContext); mSocket = TrustedSocketFactory.createSocket(sslContext);
mSocket.connect(socketAddress, SOCKET_CONNECT_TIMEOUT); mSocket.connect(socketAddress, SOCKET_CONNECT_TIMEOUT);
@ -265,7 +265,7 @@ public class SmtpTransport extends Transport {
SSLContext sslContext = SSLContext.getInstance("TLS"); SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, sslContext.init(null,
new TrustManager[] { TrustManagerFactory.get(mHost, new TrustManager[] { TrustManagerFactory.get(mHost,
mPort, true) }, new SecureRandom()); mPort) }, new SecureRandom());
mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, mHost, mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, mHost,
mPort, true); mPort, true);
mIn = new PeekableInputStream(new BufferedInputStream(mSocket.getInputStream(), mIn = new PeekableInputStream(new BufferedInputStream(mSocket.getInputStream(),

20
src/com/fsck/k9/net/ssl/TrustManagerFactory.java
View File

@ -21,23 +21,9 @@ public final class TrustManagerFactory {
private static final String LOG_TAG = "TrustManagerFactory"; private static final String LOG_TAG = "TrustManagerFactory";
private static X509TrustManager defaultTrustManager; private static X509TrustManager defaultTrustManager;
private static X509TrustManager unsecureTrustManager;
private static LocalKeyStore keyStore; private static LocalKeyStore keyStore;
private static class SimpleX509TrustManager implements X509TrustManager {
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
}
private static class SecureX509TrustManager implements X509TrustManager { private static class SecureX509TrustManager implements X509TrustManager {
private static final Map<String, SecureX509TrustManager> mTrustManager = private static final Map<String, SecureX509TrustManager> mTrustManager =
@ -126,14 +112,12 @@ public final class TrustManagerFactory {
} catch (KeyStoreException e) { } catch (KeyStoreException e) {
Log.e(LOG_TAG, "Key Store exception while initializing TrustManagerFactory ", e); Log.e(LOG_TAG, "Key Store exception while initializing TrustManagerFactory ", e);
} }
unsecureTrustManager = new SimpleX509TrustManager();
} }
private TrustManagerFactory() { private TrustManagerFactory() {
} }
public static X509TrustManager get(String host, int port, boolean secure) { public static X509TrustManager get(String host, int port) {
return secure ? SecureX509TrustManager.getInstance(host, port) : return SecureX509TrustManager.getInstance(host, port);
unsecureTrustManager;
} }
} }

24
tests/src/com/fsck/k9/net/ssl/TrustManagerFactoryTest.java
View File

@ -214,27 +214,27 @@ public class TrustManagerFactoryTest extends AndroidTestCase {
mKeyStore.addCertificate(NOT_MATCHING_HOST, PORT1, mCert1); mKeyStore.addCertificate(NOT_MATCHING_HOST, PORT1, mCert1);
mKeyStore.addCertificate(NOT_MATCHING_HOST, PORT2, mCert2); mKeyStore.addCertificate(NOT_MATCHING_HOST, PORT2, mCert2);
X509TrustManager trustManager1 = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1, true); X509TrustManager trustManager1 = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1);
X509TrustManager trustManager2 = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT2, true); X509TrustManager trustManager2 = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT2);
trustManager2.checkServerTrusted(new X509Certificate[] { mCert2 }, "authType"); trustManager2.checkServerTrusted(new X509Certificate[] { mCert2 }, "authType");
trustManager1.checkServerTrusted(new X509Certificate[] { mCert1 }, "authType"); trustManager1.checkServerTrusted(new X509Certificate[] { mCert1 }, "authType");
} }
public void testSelfSignedCertificateMatchingHost() throws Exception { public void testSelfSignedCertificateMatchingHost() throws Exception {
mKeyStore.addCertificate(MATCHING_HOST, PORT1, mCert1); mKeyStore.addCertificate(MATCHING_HOST, PORT1, mCert1);
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true); X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1);
trustManager.checkServerTrusted(new X509Certificate[] { mCert1 }, "authType"); trustManager.checkServerTrusted(new X509Certificate[] { mCert1 }, "authType");
} }
public void testSelfSignedCertificateNotMatchingHost() throws Exception { public void testSelfSignedCertificateNotMatchingHost() throws Exception {
mKeyStore.addCertificate(NOT_MATCHING_HOST, PORT1, mCert1); mKeyStore.addCertificate(NOT_MATCHING_HOST, PORT1, mCert1);
X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1, true); X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1);
trustManager.checkServerTrusted(new X509Certificate[] { mCert1 }, "authType"); trustManager.checkServerTrusted(new X509Certificate[] { mCert1 }, "authType");
} }
public void testWrongCertificate() throws Exception { public void testWrongCertificate() throws Exception {
mKeyStore.addCertificate(MATCHING_HOST, PORT1, mCert1); mKeyStore.addCertificate(MATCHING_HOST, PORT1, mCert1);
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true); X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1);
assertCertificateRejection(trustManager, new X509Certificate[] { mCert2 }); assertCertificateRejection(trustManager, new X509Certificate[] { mCert2 });
} }
@ -242,44 +242,44 @@ public class TrustManagerFactoryTest extends AndroidTestCase {
mKeyStore.addCertificate(MATCHING_HOST, PORT1, mCert1); mKeyStore.addCertificate(MATCHING_HOST, PORT1, mCert1);
mKeyStore.addCertificate(MATCHING_HOST, PORT2, mCert2); mKeyStore.addCertificate(MATCHING_HOST, PORT2, mCert2);
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true); X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1);
assertCertificateRejection(trustManager, new X509Certificate[] { mCert2 }); assertCertificateRejection(trustManager, new X509Certificate[] { mCert2 });
} }
public void testUntrustedCertificateChain() throws Exception { public void testUntrustedCertificateChain() throws Exception {
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true); X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1);
assertCertificateRejection(trustManager, new X509Certificate[] { mCert3, mCaCert }); assertCertificateRejection(trustManager, new X509Certificate[] { mCert3, mCaCert });
} }
public void testLocallyTrustedCertificateChain() throws Exception { public void testLocallyTrustedCertificateChain() throws Exception {
mKeyStore.addCertificate(MATCHING_HOST, PORT1, mCert3); mKeyStore.addCertificate(MATCHING_HOST, PORT1, mCert3);
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true); X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1);
trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType"); trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType");
} }
public void testLocallyTrustedCertificateChainNotMatchingHost() throws Exception { public void testLocallyTrustedCertificateChainNotMatchingHost() throws Exception {
mKeyStore.addCertificate(NOT_MATCHING_HOST, PORT1, mCert3); mKeyStore.addCertificate(NOT_MATCHING_HOST, PORT1, mCert3);
X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1, true); X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1);
trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType"); trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType");
} }
public void testGloballyTrustedCertificateChain() throws Exception { public void testGloballyTrustedCertificateChain() throws Exception {
X509TrustManager trustManager = TrustManagerFactory.get("www.linux.com", PORT1, true); X509TrustManager trustManager = TrustManagerFactory.get("www.linux.com", PORT1);
X509Certificate[] certificates = new X509Certificate[] { mLinuxComCert, mStarfieldCert }; X509Certificate[] certificates = new X509Certificate[] { mLinuxComCert, mStarfieldCert };
trustManager.checkServerTrusted(certificates, "authType"); trustManager.checkServerTrusted(certificates, "authType");
} }
public void testGloballyTrustedCertificateNotMatchingHost() throws Exception { public void testGloballyTrustedCertificateNotMatchingHost() throws Exception {
X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1, true); X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1);
assertCertificateRejection(trustManager, new X509Certificate[] { mLinuxComCert, mStarfieldCert }); assertCertificateRejection(trustManager, new X509Certificate[] { mLinuxComCert, mStarfieldCert });
} }
public void testGloballyTrustedCertificateNotMatchingHostOverride() throws Exception { public void testGloballyTrustedCertificateNotMatchingHostOverride() throws Exception {
mKeyStore.addCertificate(MATCHING_HOST, PORT1, mLinuxComCert); mKeyStore.addCertificate(MATCHING_HOST, PORT1, mLinuxComCert);
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true); X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1);
X509Certificate[] certificates = new X509Certificate[] { mLinuxComCert, mStarfieldCert }; X509Certificate[] certificates = new X509Certificate[] { mLinuxComCert, mStarfieldCert };
trustManager.checkServerTrusted(certificates, "authType"); trustManager.checkServerTrusted(certificates, "authType");
} }