From 8ab36864e2a393df077073f8618a4fc55c307522 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 4 Feb 2013 18:44:38 +0100 Subject: Secure HTTP working with certificates downloaded from api.bitmask.net and bitmask.net. Both prefs are downloaded and parsed to SharedPreferences. --- src/se/leap/leapclient/LeapHttpClient.java | 58 ++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 src/se/leap/leapclient/LeapHttpClient.java (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java new file mode 100644 index 00000000..41cb7879 --- /dev/null +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -0,0 +1,58 @@ +package se.leap.leapclient; + +import java.io.InputStream; +import java.security.KeyStore; + +import org.apache.http.conn.ClientConnectionManager; +import org.apache.http.conn.scheme.PlainSocketFactory; +import org.apache.http.conn.scheme.Scheme; +import org.apache.http.conn.scheme.SchemeRegistry; +import org.apache.http.conn.ssl.SSLSocketFactory; +import org.apache.http.impl.client.DefaultHttpClient; +import org.apache.http.impl.conn.SingleClientConnManager; + +import android.content.Context; + +public class LeapHttpClient extends DefaultHttpClient { + final Context context; + + public LeapHttpClient(Context context) { + this.context = context; + } + + @Override + protected ClientConnectionManager createClientConnectionManager() { + SchemeRegistry registry = new SchemeRegistry(); + registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); + // Register for port 443 our SSLSocketFactory with our keystore + // to the ConnectionManager + registry.register(new Scheme("https", newSslSocketFactory(), 443)); + return new SingleClientConnManager(getParams(), registry); + } + + private SSLSocketFactory newSslSocketFactory() { + try { + // Get an instance of the Bouncy Castle KeyStore format + KeyStore trusted = KeyStore.getInstance("BKS"); + // Get the raw resource, which contains the keystore with + // your trusted certificates (root and any intermediate certs) + InputStream in = context.getResources().openRawResource(R.raw.leapkeystore); + try { + // Initialize the keystore with the provided trusted certificates + // Also provide the password of the keystore + trusted.load(in, "uer92jf".toCharArray()); + } finally { + in.close(); + } + // Pass the keystore to the SSLSocketFactory. The factory is responsible + // for the verification of the server certificate. + SSLSocketFactory sf = new SSLSocketFactory(trusted); + // Hostname verification from certificate + // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 + sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); + return sf; + } catch (Exception e) { + throw new AssertionError(e); + } + } +} -- cgit v1.2.3 From 1d5f1c320ee67cfadd62aeef056a043bee75096d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 5 Feb 2013 20:46:33 +0100 Subject: Simplified certificates and urls: only 1 certificate, and no :443 port in eip. Downloads certificate and eip from web, and loads provider from assets. KeyStore not created with latest version of BouncyCastle. Looking forward to file a bug and look for a solution. --- src/se/leap/leapclient/LeapHttpClient.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index 41cb7879..9e1a541b 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -49,7 +49,7 @@ public class LeapHttpClient extends DefaultHttpClient { SSLSocketFactory sf = new SSLSocketFactory(trusted); // Hostname verification from certificate // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 - sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); + sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); return sf; } catch (Exception e) { throw new AssertionError(e); -- cgit v1.2.3 From 203c8caca5a305b90fd0e69c965e503afe979354 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Thu, 14 Mar 2013 19:53:31 +0100 Subject: After downloading provider.json successfully, ConfigurationWizard now can download eip-service.json and ca.crt without having the latter as a predefined trusted certificate. It does not ask anything about trusting the new certificate as far as selecting a custom provider means that the user trusts that url. Next step: make provider.json also downloadable from https address using ca.cert not trusted. --- src/se/leap/leapclient/LeapHttpClient.java | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index 9e1a541b..9ee0a95e 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -33,23 +33,16 @@ public class LeapHttpClient extends DefaultHttpClient { private SSLSocketFactory newSslSocketFactory() { try { // Get an instance of the Bouncy Castle KeyStore format - KeyStore trusted = KeyStore.getInstance("BKS"); - // Get the raw resource, which contains the keystore with - // your trusted certificates (root and any intermediate certs) - InputStream in = context.getResources().openRawResource(R.raw.leapkeystore); - try { - // Initialize the keystore with the provided trusted certificates - // Also provide the password of the keystore - trusted.load(in, "uer92jf".toCharArray()); - } finally { - in.close(); - } + KeyStore trusted = ConfigHelper.getKeystore(); + // Pass the keystore to the SSLSocketFactory. The factory is responsible // for the verification of the server certificate. SSLSocketFactory sf = new SSLSocketFactory(trusted); + // Hostname verification from certificate // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); + return sf; } catch (Exception e) { throw new AssertionError(e); -- cgit v1.2.3 From 3e9a68fcc6c16be69abfa27d5fd3a2cbfc620bb0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 3 Apr 2013 19:34:40 +0200 Subject: Fixed bug #2146 => A calculation is now fine. Next step: fix M1 calculation, since right now (using tests) response() method is not doing OK. Added new SRPSession modifying response() method from JBoss SRP implementation. Added hosts-for-android-emulator. Use with the following commands to be able to test on api.lvh.me: adb shell mount -o rw,remount -t yaffs2 /dev/block/mtdblock3 /system adb push ~/workspace/leap_android/hosts-for-android-emulator /system/etc/hosts --- src/se/leap/leapclient/LeapHttpClient.java | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index 9e1a541b..fd6db745 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -15,6 +15,8 @@ import android.content.Context; public class LeapHttpClient extends DefaultHttpClient { final Context context; + + private static LeapHttpClient client; public LeapHttpClient(Context context) { this.context = context; @@ -55,4 +57,10 @@ public class LeapHttpClient extends DefaultHttpClient { throw new AssertionError(e); } } + + public static LeapHttpClient getInstance(Context context) { + if(client == null) + client = new LeapHttpClient(context); + return client; + } } -- cgit v1.2.3 From c3d73145c746419d23ec1a337b62506c4ef70fcf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 15 Apr 2013 17:52:19 +0200 Subject: Added one "else if" that I missed during merge. Next step: understand why ca.cert from bitmask is not being downloaded correctly. --- src/se/leap/leapclient/LeapHttpClient.java | 1 - 1 file changed, 1 deletion(-) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index 51b76b2c..d1908c34 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -1,6 +1,5 @@ package se.leap.leapclient; -import java.io.InputStream; import java.security.KeyStore; import org.apache.http.conn.ClientConnectionManager; -- cgit v1.2.3 From ff3d469a9549e3670e097fc0e49c043c84e7b7d4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 1 May 2013 18:41:05 +0200 Subject: If the app is restarted with a custom provider selected, the client can request a log in without certificates problems. I've removed the addition of the certificate when downloaded eip-service.json, because I already do that in LeapHttpClient. Solves issue 2367: https://leap.se/code/issues/2367 --- src/se/leap/leapclient/LeapHttpClient.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index d1908c34..f9119823 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -51,8 +51,13 @@ public class LeapHttpClient extends DefaultHttpClient { } public static LeapHttpClient getInstance(Context context) { - if(client == null) + if(client == null) { client = new LeapHttpClient(context); + String cert_string = ConfigHelper.getStringFromSharedPref(ConfigHelper.cert_key); + if(!cert_string.isEmpty()) { + ConfigHelper.addTrustedCertificate("recovered_certificate", cert_string); + } + } return client; } } -- cgit v1.2.3 From fb5e26c2ff4f95dd826a3ce3545865ac4388b711 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 8 May 2013 18:23:10 +0200 Subject: After loggin in successfully, the new client certificate is downloaded. It is stored in SharedPrefs, with ConfigHelper.cert_key (="cert") key. --- src/se/leap/leapclient/LeapHttpClient.java | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index f9119823..4de7ae08 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -9,6 +9,8 @@ import org.apache.http.conn.scheme.SchemeRegistry; import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.impl.conn.SingleClientConnManager; +import org.json.JSONException; +import org.json.JSONObject; import android.content.Context; @@ -49,13 +51,20 @@ public class LeapHttpClient extends DefaultHttpClient { throw new AssertionError(e); } } - + public static LeapHttpClient getInstance(Context context) { if(client == null) { client = new LeapHttpClient(context); - String cert_string = ConfigHelper.getStringFromSharedPref(ConfigHelper.cert_key); - if(!cert_string.isEmpty()) { - ConfigHelper.addTrustedCertificate("recovered_certificate", cert_string); + String cert_json_string = ConfigHelper.getStringFromSharedPref(ConfigHelper.main_cert_key); + String cert_string; + try { + cert_string = new JSONObject(cert_json_string).getString(ConfigHelper.main_cert_key); + if(!cert_string.isEmpty()) { + ConfigHelper.addTrustedCertificate("recovered_certificate", cert_string); + } + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); } } return client; -- cgit v1.2.3 From 80a8106afc8956008beb9d1ed9396f1d695d5b7b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 13 May 2013 20:39:34 +0200 Subject: A bit more clean. I've upper cased ConfigHelper constants. I've created a new method in ConfigHelper, to send requests to a server, that it's used when sending A and M1. --- src/se/leap/leapclient/LeapHttpClient.java | 96 +++++++++++++++--------------- 1 file changed, 48 insertions(+), 48 deletions(-) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index 4de7ae08..a2ee8ad6 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -16,57 +16,57 @@ import android.content.Context; public class LeapHttpClient extends DefaultHttpClient { final Context context; - + private static LeapHttpClient client; - public LeapHttpClient(Context context) { - this.context = context; - } + public static LeapHttpClient getInstance(Context context) { + if(client == null) { + client = new LeapHttpClient(context); + String cert_json_string = ConfigHelper.getStringFromSharedPref(ConfigHelper.MAIN_CERT_KEY); + String cert_string; + try { + cert_string = new JSONObject(cert_json_string).getString(ConfigHelper.MAIN_CERT_KEY); + if(!cert_string.isEmpty()) { + ConfigHelper.addTrustedCertificate("recovered_certificate", cert_string); + } + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + return client; + } + + @Override + protected ClientConnectionManager createClientConnectionManager() { + SchemeRegistry registry = new SchemeRegistry(); + registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); + // Register for port 443 our SSLSocketFactory with our keystore + // to the ConnectionManager + registry.register(new Scheme("https", newSslSocketFactory(), 443)); + return new SingleClientConnManager(getParams(), registry); + } + + private SSLSocketFactory newSslSocketFactory() { + try { + // Get an instance of the Bouncy Castle KeyStore format + KeyStore trusted = ConfigHelper.getKeystore(); + + // Pass the keystore to the SSLSocketFactory. The factory is responsible + // for the verification of the server certificate. + SSLSocketFactory sf = new SSLSocketFactory(trusted); - @Override - protected ClientConnectionManager createClientConnectionManager() { - SchemeRegistry registry = new SchemeRegistry(); - registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); - // Register for port 443 our SSLSocketFactory with our keystore - // to the ConnectionManager - registry.register(new Scheme("https", newSslSocketFactory(), 443)); - return new SingleClientConnManager(getParams(), registry); - } + // Hostname verification from certificate + // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 + sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); - private SSLSocketFactory newSslSocketFactory() { - try { - // Get an instance of the Bouncy Castle KeyStore format - KeyStore trusted = ConfigHelper.getKeystore(); - - // Pass the keystore to the SSLSocketFactory. The factory is responsible - // for the verification of the server certificate. - SSLSocketFactory sf = new SSLSocketFactory(trusted); - - // Hostname verification from certificate - // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 - sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); - - return sf; - } catch (Exception e) { - throw new AssertionError(e); - } - } + return sf; + } catch (Exception e) { + throw new AssertionError(e); + } + } - public static LeapHttpClient getInstance(Context context) { - if(client == null) { - client = new LeapHttpClient(context); - String cert_json_string = ConfigHelper.getStringFromSharedPref(ConfigHelper.main_cert_key); - String cert_string; - try { - cert_string = new JSONObject(cert_json_string).getString(ConfigHelper.main_cert_key); - if(!cert_string.isEmpty()) { - ConfigHelper.addTrustedCertificate("recovered_certificate", cert_string); - } - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - return client; - } + public LeapHttpClient(Context context) { + this.context = context; + } } -- cgit v1.2.3 From 57ac2c271561fe9f1255109733f5daae06e9234c Mon Sep 17 00:00:00 2001 From: Sean Leonard Date: Sat, 8 Jun 2013 23:12:49 -0600 Subject: More changes to calls for SharedPreferences via ConfigHelper methods --- src/se/leap/leapclient/LeapHttpClient.java | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index a2ee8ad6..646f80f5 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -9,9 +9,6 @@ import org.apache.http.conn.scheme.SchemeRegistry; import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.impl.conn.SingleClientConnManager; -import org.json.JSONException; -import org.json.JSONObject; - import android.content.Context; public class LeapHttpClient extends DefaultHttpClient { @@ -22,16 +19,9 @@ public class LeapHttpClient extends DefaultHttpClient { public static LeapHttpClient getInstance(Context context) { if(client == null) { client = new LeapHttpClient(context); - String cert_json_string = ConfigHelper.getStringFromSharedPref(ConfigHelper.MAIN_CERT_KEY); - String cert_string; - try { - cert_string = new JSONObject(cert_json_string).getString(ConfigHelper.MAIN_CERT_KEY); - if(!cert_string.isEmpty()) { - ConfigHelper.addTrustedCertificate("recovered_certificate", cert_string); - } - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); + String cert_string = ConfigHelper.getStringFromSharedPref(ConfigHelper.MAIN_CERT_KEY); + if(!cert_string.isEmpty()) { + ConfigHelper.addTrustedCertificate("recovered_certificate", cert_string); } } return client; -- cgit v1.2.3 From 5d14f128f8da5384e6834008326e435524c8fe33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 10 Jun 2013 18:18:07 +0200 Subject: NullPointer solved. ConfigHelper refactored methods returning nulls instead of empty objects broke LeapHttpClient getInstance implementation, because it checked the emptiness of the object and not if it was null. --- src/se/leap/leapclient/LeapHttpClient.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index 646f80f5..3eeebe95 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -20,7 +20,7 @@ public class LeapHttpClient extends DefaultHttpClient { if(client == null) { client = new LeapHttpClient(context); String cert_string = ConfigHelper.getStringFromSharedPref(ConfigHelper.MAIN_CERT_KEY); - if(!cert_string.isEmpty()) { + if(cert_string != null) { ConfigHelper.addTrustedCertificate("recovered_certificate", cert_string); } } -- cgit v1.2.3 From 2f69eb6eb9aa3993354e8de295df68558ab7b71e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 12 Jun 2013 18:51:44 +0200 Subject: Removed some unnecessary libraries. I've also removed some unnecessary comments from LeapHttpClient. --- src/se/leap/leapclient/LeapHttpClient.java | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index 3eeebe95..00ee15e9 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -31,23 +31,15 @@ public class LeapHttpClient extends DefaultHttpClient { protected ClientConnectionManager createClientConnectionManager() { SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); - // Register for port 443 our SSLSocketFactory with our keystore - // to the ConnectionManager registry.register(new Scheme("https", newSslSocketFactory(), 443)); + return new SingleClientConnManager(getParams(), registry); } private SSLSocketFactory newSslSocketFactory() { try { - // Get an instance of the Bouncy Castle KeyStore format KeyStore trusted = ConfigHelper.getKeystore(); - - // Pass the keystore to the SSLSocketFactory. The factory is responsible - // for the verification of the server certificate. SSLSocketFactory sf = new SSLSocketFactory(trusted); - - // Hostname verification from certificate - // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); return sf; -- cgit v1.2.3 From d475ae617d8dc0994a1294be7c8cca338a68fd9e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 19 Jun 2013 19:05:12 +0200 Subject: First round of comments. This resolves the first step from issue #2908. Next step: Put user message strings into an appropiate place. --- src/se/leap/leapclient/LeapHttpClient.java | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index 00ee15e9..42f9a523 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -11,11 +11,22 @@ import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.impl.conn.SingleClientConnManager; import android.content.Context; +/** + * Implements an HTTP client, enabling LEAP Android app to manage its own runtime keystore or bypass default Android security measures. + * + * @author rafa + * + */ public class LeapHttpClient extends DefaultHttpClient { final Context context; private static LeapHttpClient client; + /** + * If the class scope client is null, it creates one and imports, if existing, the main certificate from Shared Preferences. + * @param context + * @return the new client. + */ public static LeapHttpClient getInstance(Context context) { if(client == null) { client = new LeapHttpClient(context); @@ -36,6 +47,12 @@ public class LeapHttpClient extends DefaultHttpClient { return new SingleClientConnManager(getParams(), registry); } + /** + * Uses keystore from ConfigHelper for the SSLSocketFactory. + * + * Sets hostname verifier to allow all hostname verifier. + * @return + */ private SSLSocketFactory newSslSocketFactory() { try { KeyStore trusted = ConfigHelper.getKeystore(); -- cgit v1.2.3 From 22e90c26036291de66f26ee148bb4c75b68c7764 Mon Sep 17 00:00:00 2001 From: Sean Leonard Date: Fri, 12 Jul 2013 21:53:57 -0600 Subject: Include GPLv3+ file and header for files in se.leap.leapclient package --- src/se/leap/leapclient/LeapHttpClient.java | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'src/se/leap/leapclient/LeapHttpClient.java') diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index 42f9a523..686d3cc0 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -1,4 +1,20 @@ -package se.leap.leapclient; +/** + * Copyright (c) 2013 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + package se.leap.leapclient; import java.security.KeyStore; -- cgit v1.2.3