1
0
mirror of https://github.com/moparisthebest/k-9 synced 2024-11-16 14:35:04 -05:00

Use SslCertificate that is part of the official Android API instead of

BouncyCastle's X509Name (which is not shipped anymore in Android 3.0)
to verify domain names on SSL/TLS connections.
This commit is contained in:
cketti 2011-02-26 16:57:58 +01:00
parent 3964189f8c
commit 77f4625cd9

View File

@ -16,7 +16,7 @@
package com.fsck.k9.helper;
import org.bouncycastle.asn1.x509.X509Name;
import android.net.http.SslCertificate;
import android.util.Log;
import com.fsck.k9.K9;
import java.net.InetAddress;
@ -28,7 +28,6 @@ import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import java.util.Vector;
/**
* Implements basic domain-name validation as specified by RFC2818.
@ -198,14 +197,8 @@ public class DomainNameChecker {
}
if (!hasDns) {
X509Name xName = new X509Name(certificate.getSubjectDN().getName());
Vector<?> val = xName.getValues();
Vector<?> oid = xName.getOIDs();
for (int i = 0; i < oid.size(); i++) {
if (oid.elementAt(i).equals(X509Name.CN)) {
return matchDns(thisDomain, (String)(val.elementAt(i)));
}
}
SslCertificate sslCertificate = new SslCertificate(certificate);
return matchDns(thisDomain, sslCertificate.getIssuedTo().getCName());
}
return false;