Fix url building to support certificate check on hkps servers

Note: the CA used by sks-keyservers.net is not valid for android, thus using hkps fails for them. pgp.mit.edu uses a perfectly valid cert.
2024-11-11 03:25:05 -05:00 · 2014-05-28 20:44:01 +02:00 · 2014-05-28 20:44:01 +02:00 · c676e53479
commit c676e53479
parent cb92c9ccc8
1 changed files with 20 additions and 9 deletions
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/keyimport/HkpKeyserver.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/keyimport/HkpKeyserver.java
@ -201,15 +201,26 @@ public class HkpKeyserver extends Keyserver {
    }

    private String query(String request) throws QueryFailedException, HttpError {
-        InetAddress ips[];
-        try {
-            ips = InetAddress.getAllByName(mHost);
-        } catch (UnknownHostException e) {
-            throw new QueryFailedException(e.toString());
-        }
-        for (int i = 0; i < ips.length; ++i) {
+        List<String> urls = new ArrayList<String>();
+        if (mSecure) {
+            urls.add(getUrlPrefix() + mHost + ":" + mPort + request);
+        } else {
+            InetAddress ips[];
+            try {
+                ips = InetAddress.getAllByName(mHost);
+            } catch (UnknownHostException e) {
+                throw new QueryFailedException(e.toString());
+            }
+            for (InetAddress ip : ips) {
+                // Note: This is actually not HTTP 1.1 compliant, as we hide the real "Host" value,
+                //       but Android's HTTPUrlConnection does not support any other way to set
+                //       Socket's remote IP address...
+                urls.add(getUrlPrefix() + ip.getHostAddress() + ":" + mPort + request);
+            }
+        }
+
+        for (String url : urls) {
            try {
-                String url = getUrlPrefix() + ips[i].getHostAddress() + ":" + mPort + request;
                Log.d(Constants.TAG, "hkp keyserver query: " + url);
                URL realUrl = new URL(url);
                HttpURLConnection conn = (HttpURLConnection) realUrl.openConnection();
@ -272,7 +283,7 @@ public class HkpKeyserver extends Keyserver {
        while (matcher.find()) {
            final ImportKeysListEntry entry = new ImportKeysListEntry();
            entry.setQuery(query);
-            entry.setOrigin("hkp:" + mHost + ":" + mPort);
+            entry.setOrigin(getUrlPrefix() + mHost + ":" + mPort);

            entry.setBitStrength(Integer.parseInt(matcher.group(3)));