mirror of
https://github.com/moparisthebest/open-keychain
synced 2024-11-11 03:25:05 -05:00
Fix url building to support certificate check on hkps servers
Note: the CA used by sks-keyservers.net is not valid for android, thus using hkps fails for them. pgp.mit.edu uses a perfectly valid cert.
This commit is contained in:
parent
cb92c9ccc8
commit
c676e53479
@ -201,15 +201,26 @@ public class HkpKeyserver extends Keyserver {
|
||||
}
|
||||
|
||||
private String query(String request) throws QueryFailedException, HttpError {
|
||||
InetAddress ips[];
|
||||
try {
|
||||
ips = InetAddress.getAllByName(mHost);
|
||||
} catch (UnknownHostException e) {
|
||||
throw new QueryFailedException(e.toString());
|
||||
}
|
||||
for (int i = 0; i < ips.length; ++i) {
|
||||
List<String> urls = new ArrayList<String>();
|
||||
if (mSecure) {
|
||||
urls.add(getUrlPrefix() + mHost + ":" + mPort + request);
|
||||
} else {
|
||||
InetAddress ips[];
|
||||
try {
|
||||
ips = InetAddress.getAllByName(mHost);
|
||||
} catch (UnknownHostException e) {
|
||||
throw new QueryFailedException(e.toString());
|
||||
}
|
||||
for (InetAddress ip : ips) {
|
||||
// Note: This is actually not HTTP 1.1 compliant, as we hide the real "Host" value,
|
||||
// but Android's HTTPUrlConnection does not support any other way to set
|
||||
// Socket's remote IP address...
|
||||
urls.add(getUrlPrefix() + ip.getHostAddress() + ":" + mPort + request);
|
||||
}
|
||||
}
|
||||
|
||||
for (String url : urls) {
|
||||
try {
|
||||
String url = getUrlPrefix() + ips[i].getHostAddress() + ":" + mPort + request;
|
||||
Log.d(Constants.TAG, "hkp keyserver query: " + url);
|
||||
URL realUrl = new URL(url);
|
||||
HttpURLConnection conn = (HttpURLConnection) realUrl.openConnection();
|
||||
@ -272,7 +283,7 @@ public class HkpKeyserver extends Keyserver {
|
||||
while (matcher.find()) {
|
||||
final ImportKeysListEntry entry = new ImportKeysListEntry();
|
||||
entry.setQuery(query);
|
||||
entry.setOrigin("hkp:" + mHost + ":" + mPort);
|
||||
entry.setOrigin(getUrlPrefix() + mHost + ":" + mPort);
|
||||
|
||||
entry.setBitStrength(Integer.parseInt(matcher.group(3)));
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user