diff options
| author | Kenny Root <kroot@google.com> | 2016-02-01 09:06:20 -0800 |
|---|---|---|
| committer | Kenny Root <kroot@google.com> | 2016-02-02 15:21:37 +0000 |
| commit | 1a795a18fadcfec9941bef9b241fdcc77f92584e (patch) | |
| tree | 0f9a0ff5e0865ff983c6c9c62dbc08db240d9b04 | |
| parent | 8a99e01bd455829323c810a53b8ca004943372ba (diff) | |
| download | android_external_apache-http-1a795a18fadcfec9941bef9b241fdcc77f92584e.tar.gz android_external_apache-http-1a795a18fadcfec9941bef9b241fdcc77f92584e.tar.bz2 android_external_apache-http-1a795a18fadcfec9941bef9b241fdcc77f92584e.zip | |
Unhook a bit from Conscrypt's implementation
Conscrypt's TrustManagerImpl is changing from X509TrustManager to
X509ExtendedTrustManager. apache-http is linking against an SDK
release version without X509ExtendedTrustManager which causes errors.
Remove the instanceof check to since it will work fine without it on the
old and the new code.
Change-Id: If4aedbd43f7716d8a3e15b2cfd2e218cb8d533a4
| -rw-r--r-- | android/src/android/net/http/CertificateChainValidator.java | 33 |
1 files changed, 14 insertions, 19 deletions
diff --git a/android/src/android/net/http/CertificateChainValidator.java b/android/src/android/net/http/CertificateChainValidator.java index 8f1a9e3..96bf169 100644 --- a/android/src/android/net/http/CertificateChainValidator.java +++ b/android/src/android/net/http/CertificateChainValidator.java @@ -228,26 +228,21 @@ public class CertificateChainValidator { try { X509TrustManager x509TrustManager = SSLParametersImpl.getDefaultX509TrustManager(); - if (x509TrustManager instanceof TrustManagerImpl) { - TrustManagerImpl trustManager = (TrustManagerImpl) x509TrustManager; - trustManager.checkServerTrusted(chain, authType, domain); - } else { - // Use duck-typing to try and call the hostname aware checkServerTrusted if - // available. - try { - Method method = x509TrustManager.getClass().getMethod("checkServerTrusted", - X509Certificate[].class, - String.class, - String.class); - method.invoke(x509TrustManager, chain, authType, domain); - } catch (NoSuchMethodException | IllegalAccessException e) { - x509TrustManager.checkServerTrusted(chain, authType); - } catch (InvocationTargetException e) { - if (e.getCause() instanceof CertificateException) { - throw (CertificateException) e.getCause(); - } - throw new RuntimeException(e.getCause()); + // Use duck-typing to try and call the hostname aware checkServerTrusted if + // available. + try { + Method method = x509TrustManager.getClass().getMethod("checkServerTrusted", + X509Certificate[].class, + String.class, + String.class); + method.invoke(x509TrustManager, chain, authType, domain); + } catch (NoSuchMethodException | IllegalAccessException e) { + x509TrustManager.checkServerTrusted(chain, authType); + } catch (InvocationTargetException e) { + if (e.getCause() instanceof CertificateException) { + throw (CertificateException) e.getCause(); } + throw new RuntimeException(e.getCause()); } return null; // No errors. } catch (GeneralSecurityException e) { |