moparisthebest/k-9
1
0
Fork 0
mirror of https://github.com/moparisthebest/k-9 synced 2024-08-13 17:03:48 -04:00
Code Issues Releases Wiki Activity

Use SslCertificate that is part of the official Android API instead of

Browse Source 
BouncyCastle's X509Name (which is not shipped anymore in Android 3.0)
to verify domain names on SSL/TLS connections.
This commit is contained in:
cketti 2011-02-26 16:57:58 +01:00
parent 3964189f8c
commit 77f4625cd9
1 changed files with 3 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/com/fsck/k9/helper/DomainNameChecker.java
View File

@ -16,7 +16,7 @@
package com.fsck.k9.helper;
import org.bouncycastle.asn1.x509.X509Name;
import android.net.http.SslCertificate;
import android.util.Log;
import com.fsck.k9.K9;
import java.net.InetAddress;
@ -28,7 +28,6 @@ import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import java.util.Vector;
/**
* Implements basic domain-name validation as specified by RFC2818.
@ -198,14 +197,8 @@ public class DomainNameChecker {
}
if (!hasDns) {
X509Name xName = new X509Name(certificate.getSubjectDN().getName());
Vector<?> val = xName.getValues();
Vector<?> oid = xName.getOIDs();
for (int i = 0; i < oid.size(); i++) {
if (oid.elementAt(i).equals(X509Name.CN)) {
return matchDns(thisDomain, (String)(val.elementAt(i)));
}
}
SslCertificate sslCertificate = new SslCertificate(certificate);
return matchDns(thisDomain, sslCertificate.getIssuedTo().getCName());
}
return false;