diff options
author | Parménides GV <parmegv@sdf.org> | 2013-07-16 18:45:35 +0200 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2013-07-20 12:03:49 +0200 |
commit | 492f353e790875da560d8b29bac86e7db0db8922 (patch) | |
tree | 4e265c6793b4d00d9dae99db1ad5e3081b7a1ad2 /src/se/leap/leapclient/ProviderAPI.java | |
parent | a5928718b99e207ceb8dbce4609662ecef1a26cf (diff) |
Erroneous untrusted provider toast with LEAP fixed
I've also rearranged how we handle SSL errors. In first place, if the
user checked the "Trust completely" checkbox, leap_android tries to use
the CA cert pointed out by provider.json.
If that does not succeed, it uses an always-returning-true hostname
verifier (this was previously done before using CA cert).
Diffstat (limited to 'src/se/leap/leapclient/ProviderAPI.java')
-rw-r--r-- | src/se/leap/leapclient/ProviderAPI.java | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java index 37856f60..72b134e5 100644 --- a/src/se/leap/leapclient/ProviderAPI.java +++ b/src/se/leap/leapclient/ProviderAPI.java @@ -397,10 +397,9 @@ public class ProviderAPI extends IntentService { } else { displayToast(R.string.certificate_error); } - displayToast(R.string.certificate_error); } catch (Exception e) { if(provider_url != null && danger_on) { - json_file_content = getStringFromProviderWithoutValidate(provider_url); + json_file_content = getStringFromProviderWithCACertAdded(provider_url); } } @@ -433,7 +432,7 @@ public class ProviderAPI extends IntentService { } catch (MalformedURLException e) { displayToast(R.string.malformed_url); } catch (IOException e) { - json_string = getStringFromProviderWithCACertAdded(string_url); + json_string = getStringFromProviderIgnoringCertificate(string_url); } return json_string; @@ -485,7 +484,7 @@ public class ProviderAPI extends IntentService { displayToast(R.string.server_is_down_message); } catch (IOException e) { // The downloaded certificate doesn't validate our https connection. - json_file_content = getStringFromProviderIgnoringCertificate(url); + json_file_content = getStringFromProviderWithoutValidate(url); displayToast(R.string.certificate_error); } catch (KeyStoreException e) { // TODO Auto-generated catch block |