summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorSean Leonard <meanderingcode@aetherislands.net>2013-07-22 20:56:38 -0600
committerSean Leonard <meanderingcode@aetherislands.net>2013-07-22 20:56:48 -0600
commitaeee3b18b151c81ea67d1b540a97ce1ec887bf73 (patch)
tree7dc1801837b27bfc98abdcceb0815ef82e6aedf9 /src
parenta5928718b99e207ceb8dbce4609662ecef1a26cf (diff)
parent6b740cdb44bd4f7181f93b6c15e772d14fb96796 (diff)
Merge branch 'bug/incorrect-leap-untrusted-message' into develop
Diffstat (limited to 'src')
-rw-r--r--src/se/leap/leapclient/ProviderAPI.java24
1 files changed, 14 insertions, 10 deletions
diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java
index 37856f60..a5da4b42 100644
--- a/src/se/leap/leapclient/ProviderAPI.java
+++ b/src/se/leap/leapclient/ProviderAPI.java
@@ -392,15 +392,14 @@ public class ProviderAPI extends IntentService {
} catch(SocketTimeoutException e) {
displayToast(R.string.server_is_down_message);
} catch (IOException e) {
- if(provider_url != null && danger_on) {
- json_file_content = getStringFromProviderWithoutValidate(provider_url);
+ if(provider_url != null) {
+ json_file_content = getStringFromProviderWithCACertAdded(provider_url, danger_on);
} else {
displayToast(R.string.certificate_error);
}
- displayToast(R.string.certificate_error);
} catch (Exception e) {
if(provider_url != null && danger_on) {
- json_file_content = getStringFromProviderWithoutValidate(provider_url);
+ json_file_content = getStringFromProviderWithCACertAdded(provider_url, danger_on);
}
}
@@ -433,7 +432,7 @@ public class ProviderAPI extends IntentService {
} catch (MalformedURLException e) {
displayToast(R.string.malformed_url);
} catch (IOException e) {
- json_string = getStringFromProviderWithCACertAdded(string_url);
+ json_string = getStringFromProviderIgnoringCertificate(string_url);
}
return json_string;
@@ -442,15 +441,16 @@ public class ProviderAPI extends IntentService {
/**
* Tries to download the contents of the provided url using main certificate from choosen provider.
* @param url
+ * @param danger_on true to download CA certificate in case it has not been downloaded.
* @return an empty string if it fails, the url content if not.
*/
- private String getStringFromProviderWithCACertAdded(URL url) {
+ private String getStringFromProviderWithCACertAdded(URL url, boolean danger_on) {
String json_file_content = "";
// Load CAs from an InputStream
// (could be from a resource or ByteArrayInputStream or ...)
String cert_string = ConfigHelper.getStringFromSharedPref(ConfigHelper.MAIN_CERT_KEY);
- if(cert_string.isEmpty()) {
+ if(cert_string.isEmpty() && danger_on) {
cert_string = downloadCertificateWithoutTrusting(url.getProtocol() + "://" + url.getHost() + "/" + "ca.crt");
ConfigHelper.saveSharedPref(ConfigHelper.MAIN_CERT_KEY, cert_string);
}
@@ -462,7 +462,7 @@ public class ProviderAPI extends IntentService {
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
- keyStore.setCertificateEntry("dangerous_certificate", dangerous_certificate);
+ keyStore.setCertificateEntry("provider_ca_certificate", dangerous_certificate);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
@@ -485,8 +485,11 @@ public class ProviderAPI extends IntentService {
displayToast(R.string.server_is_down_message);
} catch (IOException e) {
// The downloaded certificate doesn't validate our https connection.
- json_file_content = getStringFromProviderIgnoringCertificate(url);
- displayToast(R.string.certificate_error);
+ if(danger_on) {
+ json_file_content = getStringFromProviderWithoutValidate(url);
+ } else {
+ displayToast(R.string.certificate_error);
+ }
} catch (KeyStoreException e) {
// TODO Auto-generated catch block
e.printStackTrace();
@@ -536,6 +539,7 @@ public class ProviderAPI extends IntentService {
} catch (IOException e) {
// The downloaded certificate doesn't validate our https connection.
e.printStackTrace();
+ displayToast(R.string.certificate_error);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();