summaryrefslogtreecommitdiff
path: root/src/se/leap/leapclient/LeapHttpClient.java
diff options
context:
space:
mode:
authorSean Leonard <meanderingcode@aetherislands.net>2013-07-26 15:30:24 -0600
committerSean Leonard <meanderingcode@aetherislands.net>2013-07-26 15:30:24 -0600
commitf49967fb3f24bf0a22d09b5823bd174a45e758f7 (patch)
tree7fefe9ec3aeff998c5dd99861428717a2c5f3a41 /src/se/leap/leapclient/LeapHttpClient.java
parent8dbb4517b07c42c3b37b0764d63973b5b1ed5ee6 (diff)
parentb69c9a87f60e649221c8f83d58bbd57b35a64aca (diff)
Merge branch 'release-0.2.0'0.2.0
Diffstat (limited to 'src/se/leap/leapclient/LeapHttpClient.java')
-rw-r--r--src/se/leap/leapclient/LeapHttpClient.java87
1 files changed, 87 insertions, 0 deletions
diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java
new file mode 100644
index 00000000..686d3cc0
--- /dev/null
+++ b/src/se/leap/leapclient/LeapHttpClient.java
@@ -0,0 +1,87 @@
+/**
+ * Copyright (c) 2013 LEAP Encryption Access Project and contributers
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+ package se.leap.leapclient;
+
+import java.security.KeyStore;
+
+import org.apache.http.conn.ClientConnectionManager;
+import org.apache.http.conn.scheme.PlainSocketFactory;
+import org.apache.http.conn.scheme.Scheme;
+import org.apache.http.conn.scheme.SchemeRegistry;
+import org.apache.http.conn.ssl.SSLSocketFactory;
+import org.apache.http.impl.client.DefaultHttpClient;
+import org.apache.http.impl.conn.SingleClientConnManager;
+import android.content.Context;
+
+/**
+ * Implements an HTTP client, enabling LEAP Android app to manage its own runtime keystore or bypass default Android security measures.
+ *
+ * @author rafa
+ *
+ */
+public class LeapHttpClient extends DefaultHttpClient {
+ final Context context;
+
+ private static LeapHttpClient client;
+
+ /**
+ * If the class scope client is null, it creates one and imports, if existing, the main certificate from Shared Preferences.
+ * @param context
+ * @return the new client.
+ */
+ public static LeapHttpClient getInstance(Context context) {
+ if(client == null) {
+ client = new LeapHttpClient(context);
+ String cert_string = ConfigHelper.getStringFromSharedPref(ConfigHelper.MAIN_CERT_KEY);
+ if(cert_string != null) {
+ ConfigHelper.addTrustedCertificate("recovered_certificate", cert_string);
+ }
+ }
+ return client;
+ }
+
+ @Override
+ protected ClientConnectionManager createClientConnectionManager() {
+ SchemeRegistry registry = new SchemeRegistry();
+ registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
+ registry.register(new Scheme("https", newSslSocketFactory(), 443));
+
+ return new SingleClientConnManager(getParams(), registry);
+ }
+
+ /**
+ * Uses keystore from ConfigHelper for the SSLSocketFactory.
+ *
+ * Sets hostname verifier to allow all hostname verifier.
+ * @return
+ */
+ private SSLSocketFactory newSslSocketFactory() {
+ try {
+ KeyStore trusted = ConfigHelper.getKeystore();
+ SSLSocketFactory sf = new SSLSocketFactory(trusted);
+ sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+
+ return sf;
+ } catch (Exception e) {
+ throw new AssertionError(e);
+ }
+ }
+
+ public LeapHttpClient(Context context) {
+ this.context = context;
+ }
+}