Re-initiate the SSL trust manager and remove org.apache.commons.httpclient

+ fix a wrong string

build.gradle

@@ -63,7 +63,6 @@ repositories {
 }
 
 dependencies {
-    compile 'commons-httpclient:commons-httpclient:3.1'
     compile 'com.android.support:support-v13:26.1.0'
     compile 'com.android.support:appcompat-v7:26.1.0'
     compile 'com.android.support:design:26.1.0'

src/main/java/fr/unix_experience/owncloud_sms/engine/OCHttpClient.java

@@ -22,9 +22,6 @@ import android.util.Base64;
 import android.util.Log;
 import android.util.Pair;
 
-import org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory;
-import org.apache.commons.httpclient.protocol.Protocol;
-import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
 import org.json.JSONException;
 import org.json.JSONObject;
 
@@ -38,6 +35,11 @@ import java.net.MalformedURLException;
 import java.net.URL;
 import java.nio.charset.Charset;
 
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
 import fr.unix_experience.owncloud_sms.R;
 import fr.unix_experience.owncloud_sms.enums.OCSyncErrorType;
 import fr.unix_experience.owncloud_sms.exceptions.OCSyncException;
@@ -67,8 +69,29 @@ public class OCHttpClient {
 	private static final String OC_V2_GET_MESSAGES_SENDQUEUE = "/index.php/apps/ocsms/api/v2/messages/sendqueue?format=json";
 
 	public OCHttpClient(Context context, URL serverURL, String accountName, String accountPassword) {
-		Protocol easyhttps = new Protocol("https", (ProtocolSocketFactory)new EasySSLProtocolSocketFactory(), 443);
-		Protocol.registerProtocol("https", easyhttps);
+		// Create a trust manager that does not validate certificate chains
+		TrustManager[] trustAllCerts = new TrustManager[]{
+				new X509TrustManager() {
+					public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+						return null;
+					}
+					public void checkClientTrusted(
+							java.security.cert.X509Certificate[] certs, String authType) {
+					}
+					public void checkServerTrusted(
+							java.security.cert.X509Certificate[] certs, String authType) {
+					}
+				}
+		};
+
+		// Install the all-trusting trust manager
+		try {
+			SSLContext sc = SSLContext.getInstance("SSL");
+			sc.init(null, trustAllCerts, new java.security.SecureRandom());
+			HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+		} catch (Exception ignored) {
+		}
+
 		_url = serverURL;
 		_username = accountName;
 		_password = accountPassword;

src/main/java/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java

@@ -1,258 +0,0 @@
-/*
- * $HeadURL$
- * $Revision$
- * $Date$
- *
- * ====================================================================
- *
- *  Licensed to the Apache Software Foundation (ASF) under one or more
- *  contributor license agreements.  See the NOTICE file distributed with
- *  this work for additional information regarding copyright ownership.
- *  The ASF licenses this file to You under the Apache License, Version 2.0
- *  (the "License"); you may not use this file except in compliance with
- *  the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.httpclient.contrib.ssl;
-
-import android.util.Log;
-
-import org.apache.commons.httpclient.ConnectTimeoutException;
-import org.apache.commons.httpclient.HttpClientError;
-import org.apache.commons.httpclient.params.HttpConnectionParams;
-import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
-
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.InetSocketAddress;
-import java.net.Socket;
-import java.net.SocketAddress;
-import java.net.UnknownHostException;
-import java.security.NoSuchAlgorithmException;
-
-import javax.net.SocketFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
-
-/**
- * <p>
- * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s
- * that accept self-signed certificates.
- * </p>
- * <p>
- * This socket factory SHOULD NOT be used for productive systems
- * due to security reasons, unless it is a concious decision and
- * you are perfectly aware of security implications of accepting
- * self-signed certificates
- * </p>
- *
- * <p>
- * Example of using custom protocol socket factory for a specific host:
- *     <pre>
- *     Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
- *
- *     URI uri = new URI("https://localhost/", true);
- *     // use relative url only
- *     GetMethod httpget = new GetMethod(uri.getPathQuery());
- *     HostConfiguration hc = new HostConfiguration();
- *     hc.setHost(uri.getHost(), uri.getPort(), easyhttps);
- *     HttpClient client = new HttpClient();
- *     client.executeMethod(hc, httpget);
- *     </pre>
- * </p>
- * <p>
- * Example of using custom protocol socket factory per default instead of the standard one:
- *     <pre>
- *     Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
- *     Protocol.registerProtocol("https", easyhttps);
- *
- *     HttpClient client = new HttpClient();
- *     GetMethod httpget = new GetMethod("https://localhost/");
- *     client.executeMethod(httpget);
- *     </pre>
- * </p>
- *
- * @author <a href="mailto:oleg -at- ural.ru">Oleg Kalnichevski</a>
- *
- * <p>
- * DISCLAIMER: HttpClient developers DO NOT actively support this component.
- * The component is provided as a reference material, which may be inappropriate
- * for use without additional customization.
- * </p>
- */
-
-public class EasySSLProtocolSocketFactory implements SecureProtocolSocketFactory {
-
-	private SSLContext sslcontext = null;
-	private static final String TAG = EasySSLProtocolSocketFactory.class.getSimpleName();
-
-	/**
-	 * Constructor for EasySSLProtocolSocketFactory.
-	 */
-	public EasySSLProtocolSocketFactory() {
-		super();
-	}
-
-	private static SSLContext createEasySSLContext() {
-		SSLContext context = EasySSLProtocolSocketFactory.tryCreateSSLContext("TLSv1.2");
-		if (context == null) {
-			context = EasySSLProtocolSocketFactory.tryCreateSSLContext("TLSv1.1");
-			Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to TLSv1.1");
-		}
-		else {
-			Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to TLSv1.2");
-		}
-
-		if (context == null) {
-			context = EasySSLProtocolSocketFactory.tryCreateSSLContext("TLSv1");
-			Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to TLSv1");
-		}
-
-		if (context == null) {
-			context = EasySSLProtocolSocketFactory.tryCreateSSLContext("SSL");
-			Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to SSL");
-		}
-
-		if (context == null) {
-			throw new HttpClientError("Failed to create SSLContext");
-		}
-
-		try {
-			context.init(
-					null,
-					new TrustManager[] {new EasyX509TrustManager(null)},
-					null);
-			return context;
-		} catch (Exception e) {
-			throw new HttpClientError(e.toString());
-		}
-	}
-
-	private static SSLContext tryCreateSSLContext(String ctx) {
-		try {
-			return SSLContext.getInstance(ctx);
-		} catch (NoSuchAlgorithmException e) {
-			return null;
-		}
-	}
-
-	private SSLContext getSSLContext() {
-		if (sslcontext == null) {
-			sslcontext = EasySSLProtocolSocketFactory.createEasySSLContext();
-		}
-		return sslcontext;
-	}
-
-	/**
-	 * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int)
-	 */
-	public Socket createSocket(
-			String host,
-			int port,
-			InetAddress clientHost,
-			int clientPort)
-			throws IOException {
-
-		return getSSLContext().getSocketFactory().createSocket(
-				host,
-				port,
-				clientHost,
-				clientPort
-		);
-	}
-
-	/**
-	 * Attempts to get a new socket connection to the given host within the given time limit.
-	 * <p>
-	 * To circumvent the limitations of older JREs that do not support connect timeout a
-	 * controller thread is executed. The controller thread attempts to create a new socket
-	 * within the given limit of time. If socket constructor does not return until the
-	 * timeout expires, the controller terminates and throws an {@link ConnectTimeoutException}
-	 * </p>
-	 *
-	 * @param host the host name/IP
-	 * @param port the port on the host
-	 * @param params {@link HttpConnectionParams Http connection parameters}
-	 *
-	 * @return Socket a new socket
-	 *
-	 * @throws IOException if an I/O error occurs while creating the socket
-	 * @throws UnknownHostException if the IP address of the host cannot be
-	 * determined
-	 */
-	public Socket createSocket(
-			String host,
-			int port,
-			InetAddress localAddress,
-			int localPort,
-			HttpConnectionParams params
-	) throws IOException {
-		if (params == null) {
-			throw new IllegalArgumentException("Parameters may not be null");
-		}
-		int timeout = params.getConnectionTimeout();
-		SocketFactory socketfactory = getSSLContext().getSocketFactory();
-		if (timeout == 0) {
-			return socketfactory.createSocket(host, port, localAddress, localPort);
-		} else {
-			Socket socket = socketfactory.createSocket();
-			SocketAddress localaddr = new InetSocketAddress(localAddress, localPort);
-			SocketAddress remoteaddr = new InetSocketAddress(host, port);
-			socket.bind(localaddr);
-			socket.connect(remoteaddr, timeout);
-			return socket;
-		}
-	}
-
-	/**
-	 * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int)
-	 */
-	public Socket createSocket(String host, int port)
-			throws IOException {
-		return getSSLContext().getSocketFactory().createSocket(
-				host,
-				port
-		);
-	}
-
-	/**
-	 * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean)
-	 */
-	public Socket createSocket(
-			Socket socket,
-			String host,
-			int port,
-			boolean autoClose)
-			throws IOException {
-		return getSSLContext().getSocketFactory().createSocket(
-				socket,
-				host,
-				port,
-				autoClose
-		);
-	}
-
-	public boolean equals(Object obj) {
-		return ((obj != null) && obj.getClass().equals(EasySSLProtocolSocketFactory.class));
-	}
-
-	public int hashCode() {
-		return EasySSLProtocolSocketFactory.class.hashCode();
-	}
-
-}

src/main/java/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java

@@ -1,103 +0,0 @@
-/*
- * ====================================================================
- *
- *  Licensed to the Apache Software Foundation (ASF) under one or more
- *  contributor license agreements.  See the NOTICE file distributed with
- *  this work for additional information regarding copyright ownership.
- *  The ASF licenses this file to You under the Apache License, Version 2.0
- *  (the "License"); you may not use this file except in compliance with
- *  the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.httpclient.contrib.ssl;
-
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
-
-/**
- * <p>
- * EasyX509TrustManager unlike default {@link X509TrustManager} accepts
- * self-signed certificates.
- * </p>
- * <p>
- * This trust manager SHOULD NOT be used for productive systems
- * due to security reasons, unless it is a concious decision and
- * you are perfectly aware of security implications of accepting
- * self-signed certificates
- * </p>
- *
- * @author <a href="mailto:adrian.sutton@ephox.com">Adrian Sutton</a>
- * @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
- *
- * <p>
- * DISCLAIMER: HttpClient developers DO NOT actively support this component.
- * The component is provided as a reference material, which may be inappropriate
- * for use without additional customization.
- * </p>
- */
-
-class EasyX509TrustManager implements X509TrustManager
-{
-	private X509TrustManager standardTrustManager = null;
-
-	/**
-	 * Constructor for EasyX509TrustManager.
-	 */
-	EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
-		super();
-		TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-		factory.init(keystore);
-		TrustManager[] trustmanagers = factory.getTrustManagers();
-		if (trustmanagers.length == 0) {
-			throw new NoSuchAlgorithmException("no trust manager found");
-		}
-		standardTrustManager = (X509TrustManager)trustmanagers[0];
-	}
-
-	/**
-	 * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType)
-	 */
-	public void checkClientTrusted(X509Certificate[] certificates,String authType) throws CertificateException {
-		standardTrustManager.checkClientTrusted(certificates,authType);
-	}
-
-	/**
-	 * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType)
-	 */
-	public void checkServerTrusted(X509Certificate[] certificates,String authType) throws CertificateException {
-		if ((certificates != null) && (certificates.length == 1)) {
-			certificates[0].checkValidity();
-		} else {
-			standardTrustManager.checkServerTrusted(certificates,authType);
-		}
-	}
-
-	/**
-	 * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
-	 */
-	public X509Certificate[] getAcceptedIssuers() {
-		return standardTrustManager.getAcceptedIssuers();
-	}
-}

src/main/res/values-ca/strings.xml

@@ -50,7 +50,7 @@
     <string name="title_global_pref_to_general_prefs">Genera preferències</string>
     <string name="summary_global_pref_to_general_prefs">Opcions de sincronització</string>
     <string name="summary_notif_prefs">Notificacions</string>
-    <string name="pref_header_data_sync">Dades & sincronització</string>
+    <string name="pref_header_data_sync">Dades &amp; sincronització</string>
     <string name="title_activity_general_settings">Paràmetres generals</string>
 
     <string-array name="pref_sync_frequency_titles">