Browse Source

Incorporated suggestions: permitting any sep (or none) and indicate we are

using SHA-1 hash
pull/11/head
Daniel Kimsey 13 years ago
parent
commit
7eb6aac14a
  1. 2
      android/res/values/strings.xml
  2. 2
      lib/src/org/transdroid/daemon/util/FakeTrustManager.java

2
android/res/values/strings.xml

@ -154,7 +154,7 @@
<string name="pref_timeout_info">Number of seconds before timing out a connection attempt</string> <string name="pref_timeout_info">Number of seconds before timing out a connection attempt</string>
<string name="pref_ssl">SSL</string> <string name="pref_ssl">SSL</string>
<string name="pref_ssl_info">Select to use https</string> <string name="pref_ssl_info">Select to use https</string>
<string name="pref_ssl_trust_key">Custom SSL thumbprint</string> <string name="pref_ssl_trust_key">Custom SSL thumbprint (SHA-1)</string>
<string name="pref_ssl_trust_key_info">Permit only connections to this specific certificate</string> <string name="pref_ssl_trust_key_info">Permit only connections to this specific certificate</string>
<string name="pref_ssl_trust_all">Accept all SSL certificates</string> <string name="pref_ssl_trust_all">Accept all SSL certificates</string>
<string name="pref_ssl_trust_all_info">Select to allow connections from any thumbprint</string> <string name="pref_ssl_trust_all_info">Select to allow connections from any thumbprint</string>

2
lib/src/org/transdroid/daemon/util/FakeTrustManager.java

@ -33,7 +33,7 @@ public class FakeTrustManager implements X509TrustManager {
// Otherwise, we have a certKey defined. We should now examine the one we got from the server. // Otherwise, we have a certKey defined. We should now examine the one we got from the server.
// They match? All is good. They don't, throw an exception. // They match? All is good. They don't, throw an exception.
String our_key = this.certKey.replaceAll("\\s+", ""); String our_key = this.certKey.replaceAll("[^a-f0-9]+", "");
try { try {
//Assume self-signed root is okay? //Assume self-signed root is okay?
X509Certificate ss_cert = chain[0]; X509Certificate ss_cert = chain[0];

Loading…
Cancel
Save