summaryrefslogtreecommitdiff
path: root/src/se/leap/leapclient/ProviderAPI.java
diff options
context:
space:
mode:
authorParménides GV <parmegv@sdf.org>2013-07-16 18:45:35 +0200
committerParménides GV <parmegv@sdf.org>2013-07-20 12:03:49 +0200
commit492f353e790875da560d8b29bac86e7db0db8922 (patch)
tree4e265c6793b4d00d9dae99db1ad5e3081b7a1ad2 /src/se/leap/leapclient/ProviderAPI.java
parenta5928718b99e207ceb8dbce4609662ecef1a26cf (diff)
Erroneous untrusted provider toast with LEAP fixed
I've also rearranged how we handle SSL errors. In first place, if the user checked the "Trust completely" checkbox, leap_android tries to use the CA cert pointed out by provider.json. If that does not succeed, it uses an always-returning-true hostname verifier (this was previously done before using CA cert).
Diffstat (limited to 'src/se/leap/leapclient/ProviderAPI.java')
-rw-r--r--src/se/leap/leapclient/ProviderAPI.java7
1 files changed, 3 insertions, 4 deletions
diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java
index 37856f60..72b134e5 100644
--- a/src/se/leap/leapclient/ProviderAPI.java
+++ b/src/se/leap/leapclient/ProviderAPI.java
@@ -397,10 +397,9 @@ public class ProviderAPI extends IntentService {
} else {
displayToast(R.string.certificate_error);
}
- displayToast(R.string.certificate_error);
} catch (Exception e) {
if(provider_url != null && danger_on) {
- json_file_content = getStringFromProviderWithoutValidate(provider_url);
+ json_file_content = getStringFromProviderWithCACertAdded(provider_url);
}
}
@@ -433,7 +432,7 @@ public class ProviderAPI extends IntentService {
} catch (MalformedURLException e) {
displayToast(R.string.malformed_url);
} catch (IOException e) {
- json_string = getStringFromProviderWithCACertAdded(string_url);
+ json_string = getStringFromProviderIgnoringCertificate(string_url);
}
return json_string;
@@ -485,7 +484,7 @@ public class ProviderAPI extends IntentService {
displayToast(R.string.server_is_down_message);
} catch (IOException e) {
// The downloaded certificate doesn't validate our https connection.
- json_file_content = getStringFromProviderIgnoringCertificate(url);
+ json_file_content = getStringFromProviderWithoutValidate(url);
displayToast(R.string.certificate_error);
} catch (KeyStoreException e) {
// TODO Auto-generated catch block