summaryrefslogtreecommitdiff
path: root/src/se/leap/leapclient/LeapHttpClient.java
diff options
context:
space:
mode:
authorParménides GV <parmegv@sdf.org>2013-03-14 19:53:31 +0100
committerParménides GV <parmegv@sdf.org>2013-03-14 19:53:31 +0100
commit203c8caca5a305b90fd0e69c965e503afe979354 (patch)
tree843956654a949dc64b7e4f758847820b432f0454 /src/se/leap/leapclient/LeapHttpClient.java
parent929fa9a3b7621e0a956ed8d7beffb87ed7f16249 (diff)
After downloading provider.json successfully, ConfigurationWizard now
can download eip-service.json and ca.crt without having the latter as a predefined trusted certificate. It does not ask anything about trusting the new certificate as far as selecting a custom provider means that the user trusts that url. Next step: make provider.json also downloadable from https address using ca.cert not trusted.
Diffstat (limited to 'src/se/leap/leapclient/LeapHttpClient.java')
-rw-r--r--src/se/leap/leapclient/LeapHttpClient.java15
1 files changed, 4 insertions, 11 deletions
diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java
index 9e1a541b..9ee0a95e 100644
--- a/src/se/leap/leapclient/LeapHttpClient.java
+++ b/src/se/leap/leapclient/LeapHttpClient.java
@@ -33,23 +33,16 @@ public class LeapHttpClient extends DefaultHttpClient {
private SSLSocketFactory newSslSocketFactory() {
try {
// Get an instance of the Bouncy Castle KeyStore format
- KeyStore trusted = KeyStore.getInstance("BKS");
- // Get the raw resource, which contains the keystore with
- // your trusted certificates (root and any intermediate certs)
- InputStream in = context.getResources().openRawResource(R.raw.leapkeystore);
- try {
- // Initialize the keystore with the provided trusted certificates
- // Also provide the password of the keystore
- trusted.load(in, "uer92jf".toCharArray());
- } finally {
- in.close();
- }
+ KeyStore trusted = ConfigHelper.getKeystore();
+
// Pass the keystore to the SSLSocketFactory. The factory is responsible
// for the verification of the server certificate.
SSLSocketFactory sf = new SSLSocketFactory(trusted);
+
// Hostname verification from certificate
// http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+
return sf;
} catch (Exception e) {
throw new AssertionError(e);