flywithu/ownCloud-SMS-App
1
0
Fork 0
mirror of https://github.com/nerzhul/ownCloud-SMS-App.git synced 2025-06-07 16:06:18 +00:00
Code Issues Releases Wiki Activity

Re-initiate the SSL trust manager and remove org.apache.commons.httpclient

Browse Source 
+ fix a wrong string
This commit is contained in:
Loic Blot 2017-11-03 12:21:16 +01:00
parent 5cb6c63f16
commit a17bffb68c
No known key found for this signature in database
GPG Key ID: EFAA458E8C153987
5 changed files with 29 additions and 368 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
build.gradle
View File

@ -63,7 +63,6 @@ repositories {
} }
dependencies { dependencies {
compile 'commons-httpclient:commons-httpclient:3.1'
compile 'com.android.support:support-v13:26.1.0' compile 'com.android.support:support-v13:26.1.0'
compile 'com.android.support:appcompat-v7:26.1.0' compile 'com.android.support:appcompat-v7:26.1.0'
compile 'com.android.support:design:26.1.0' compile 'com.android.support:design:26.1.0'

33
src/main/java/fr/unix_experience/owncloud_sms/engine/OCHttpClient.java
View File

@ -22,9 +22,6 @@ import android.util.Base64;
import android.util.Log; import android.util.Log;
import android.util.Pair; import android.util.Pair;
import org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory;
import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
import org.json.JSONException; import org.json.JSONException;
import org.json.JSONObject; import org.json.JSONObject;
@ -38,6 +35,11 @@ import java.net.MalformedURLException;
import java.net.URL; import java.net.URL;
import java.nio.charset.Charset; import java.nio.charset.Charset;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import fr.unix_experience.owncloud_sms.R; import fr.unix_experience.owncloud_sms.R;
import fr.unix_experience.owncloud_sms.enums.OCSyncErrorType; import fr.unix_experience.owncloud_sms.enums.OCSyncErrorType;
import fr.unix_experience.owncloud_sms.exceptions.OCSyncException; import fr.unix_experience.owncloud_sms.exceptions.OCSyncException;
@ -67,8 +69,29 @@ public class OCHttpClient {
private static final String OC_V2_GET_MESSAGES_SENDQUEUE = "/index.php/apps/ocsms/api/v2/messages/sendqueue?format=json"; private static final String OC_V2_GET_MESSAGES_SENDQUEUE = "/index.php/apps/ocsms/api/v2/messages/sendqueue?format=json";
public OCHttpClient(Context context, URL serverURL, String accountName, String accountPassword) { public OCHttpClient(Context context, URL serverURL, String accountName, String accountPassword) {
Protocol easyhttps = new Protocol("https", (ProtocolSocketFactory)new EasySSLProtocolSocketFactory(), 443); // Create a trust manager that does not validate certificate chains
Protocol.registerProtocol("https", easyhttps); TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
}
};
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception ignored) {
}
_url = serverURL; _url = serverURL;
_username = accountName; _username = accountName;
_password = accountPassword; _password = accountPassword;

258
src/main/java/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java
View File

@ -1,258 +0,0 @@
/*
* $HeadURL$
* $Revision$
* $Date$
*
* ====================================================================
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.commons.httpclient.contrib.ssl;
import android.util.Log;
import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.HttpClientError;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.UnknownHostException;
import java.security.NoSuchAlgorithmException;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
/**
* <p>
* EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s
* that accept self-signed certificates.
* </p>
* <p>
* This socket factory SHOULD NOT be used for productive systems
* due to security reasons, unless it is a concious decision and
* you are perfectly aware of security implications of accepting
* self-signed certificates
* </p>
*
* <p>
* Example of using custom protocol socket factory for a specific host:
* <pre>
* Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
*
* URI uri = new URI("https://localhost/", true);
* // use relative url only
* GetMethod httpget = new GetMethod(uri.getPathQuery());
* HostConfiguration hc = new HostConfiguration();
* hc.setHost(uri.getHost(), uri.getPort(), easyhttps);
* HttpClient client = new HttpClient();
* client.executeMethod(hc, httpget);
* </pre>
* </p>
* <p>
* Example of using custom protocol socket factory per default instead of the standard one:
* <pre>
* Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
* Protocol.registerProtocol("https", easyhttps);
*
* HttpClient client = new HttpClient();
* GetMethod httpget = new GetMethod("https://localhost/");
* client.executeMethod(httpget);
* </pre>
* </p>
*
* @author <a href="mailto:oleg -at- ural.ru">Oleg Kalnichevski</a>
*
* <p>
* DISCLAIMER: HttpClient developers DO NOT actively support this component.
* The component is provided as a reference material, which may be inappropriate
* for use without additional customization.
* </p>
*/
public class EasySSLProtocolSocketFactory implements SecureProtocolSocketFactory {
private SSLContext sslcontext = null;
private static final String TAG = EasySSLProtocolSocketFactory.class.getSimpleName();
/**
* Constructor for EasySSLProtocolSocketFactory.
*/
public EasySSLProtocolSocketFactory() {
super();
}
private static SSLContext createEasySSLContext() {
SSLContext context = EasySSLProtocolSocketFactory.tryCreateSSLContext("TLSv1.2");
if (context == null) {
context = EasySSLProtocolSocketFactory.tryCreateSSLContext("TLSv1.1");
Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to TLSv1.1");
}
else {
Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to TLSv1.2");
}
if (context == null) {
context = EasySSLProtocolSocketFactory.tryCreateSSLContext("TLSv1");
Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to TLSv1");
}
if (context == null) {
context = EasySSLProtocolSocketFactory.tryCreateSSLContext("SSL");
Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to SSL");
}
if (context == null) {
throw new HttpClientError("Failed to create SSLContext");
}
try {
context.init(
null,
new TrustManager[] {new EasyX509TrustManager(null)},
null);
return context;
} catch (Exception e) {
throw new HttpClientError(e.toString());
}
}
private static SSLContext tryCreateSSLContext(String ctx) {
try {
return SSLContext.getInstance(ctx);
} catch (NoSuchAlgorithmException e) {
return null;
}
}
private SSLContext getSSLContext() {
if (sslcontext == null) {
sslcontext = EasySSLProtocolSocketFactory.createEasySSLContext();
}
return sslcontext;
}
/**
* @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int)
*/
public Socket createSocket(
String host,
int port,
InetAddress clientHost,
int clientPort)
throws IOException {
return getSSLContext().getSocketFactory().createSocket(
host,
port,
clientHost,
clientPort
);
}
/**
* Attempts to get a new socket connection to the given host within the given time limit.
* <p>
* To circumvent the limitations of older JREs that do not support connect timeout a
* controller thread is executed. The controller thread attempts to create a new socket
* within the given limit of time. If socket constructor does not return until the
* timeout expires, the controller terminates and throws an {@link ConnectTimeoutException}
* </p>
*
* @param host the host name/IP
* @param port the port on the host
* @param params {@link HttpConnectionParams Http connection parameters}
*
* @return Socket a new socket
*
* @throws IOException if an I/O error occurs while creating the socket
* @throws UnknownHostException if the IP address of the host cannot be
* determined
*/
public Socket createSocket(
String host,
int port,
InetAddress localAddress,
int localPort,
HttpConnectionParams params
) throws IOException {
if (params == null) {
throw new IllegalArgumentException("Parameters may not be null");
}
int timeout = params.getConnectionTimeout();
SocketFactory socketfactory = getSSLContext().getSocketFactory();
if (timeout == 0) {
return socketfactory.createSocket(host, port, localAddress, localPort);
} else {
Socket socket = socketfactory.createSocket();
SocketAddress localaddr = new InetSocketAddress(localAddress, localPort);
SocketAddress remoteaddr = new InetSocketAddress(host, port);
socket.bind(localaddr);
socket.connect(remoteaddr, timeout);
return socket;
}
}
/**
* @see SecureProtocolSocketFactory#createSocket(java.lang.String,int)
*/
public Socket createSocket(String host, int port)
throws IOException {
return getSSLContext().getSocketFactory().createSocket(
host,
port
);
}
/**
* @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean)
*/
public Socket createSocket(
Socket socket,
String host,
int port,
boolean autoClose)
throws IOException {
return getSSLContext().getSocketFactory().createSocket(
socket,
host,
port,
autoClose
);
}
public boolean equals(Object obj) {
return ((obj != null) && obj.getClass().equals(EasySSLProtocolSocketFactory.class));
}
public int hashCode() {
return EasySSLProtocolSocketFactory.class.hashCode();
}
}

103
src/main/java/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java
View File

@ -1,103 +0,0 @@
/*
* ====================================================================
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.commons.httpclient.contrib.ssl;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
/**
* <p>
* EasyX509TrustManager unlike default {@link X509TrustManager} accepts
* self-signed certificates.
* </p>
* <p>
* This trust manager SHOULD NOT be used for productive systems
* due to security reasons, unless it is a concious decision and
* you are perfectly aware of security implications of accepting
* self-signed certificates
* </p>
*
* @author <a href="mailto:adrian.sutton@ephox.com">Adrian Sutton</a>
* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
*
* <p>
* DISCLAIMER: HttpClient developers DO NOT actively support this component.
* The component is provided as a reference material, which may be inappropriate
* for use without additional customization.
* </p>
*/
class EasyX509TrustManager implements X509TrustManager
{
private X509TrustManager standardTrustManager = null;
/**
* Constructor for EasyX509TrustManager.
*/
EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
super();
TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
factory.init(keystore);
TrustManager[] trustmanagers = factory.getTrustManagers();
if (trustmanagers.length == 0) {
throw new NoSuchAlgorithmException("no trust manager found");
}
standardTrustManager = (X509TrustManager)trustmanagers[0];
}
/**
* @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType)
*/
public void checkClientTrusted(X509Certificate[] certificates,String authType) throws CertificateException {
standardTrustManager.checkClientTrusted(certificates,authType);
}
/**
* @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType)
*/
public void checkServerTrusted(X509Certificate[] certificates,String authType) throws CertificateException {
if ((certificates != null) && (certificates.length == 1)) {
certificates[0].checkValidity();
} else {
standardTrustManager.checkServerTrusted(certificates,authType);
}
}
/**
* @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
*/
public X509Certificate[] getAcceptedIssuers() {
return standardTrustManager.getAcceptedIssuers();
}
}

2
src/main/res/values-ca/strings.xml
View File

@ -50,7 +50,7 @@
<string name="title_global_pref_to_general_prefs">Genera preferències</string> <string name="title_global_pref_to_general_prefs">Genera preferències</string>
<string name="summary_global_pref_to_general_prefs">Opcions de sincronització</string> <string name="summary_global_pref_to_general_prefs">Opcions de sincronització</string>
<string name="summary_notif_prefs">Notificacions</string> <string name="summary_notif_prefs">Notificacions</string>
<string name="pref_header_data_sync">Dades & sincronització</string> <string name="pref_header_data_sync">Dades &amp; sincronització</string>
<string name="title_activity_general_settings">Paràmetres generals</string> <string name="title_activity_general_settings">Paràmetres generals</string>
<string-array name="pref_sync_frequency_titles"> <string-array name="pref_sync_frequency_titles">