Use duck typing to call hostname aware checkServerTrusted

This supports X509TrustManagers other than TrustManagerImpl that implement the hostname aware checkServerTrusted. Change-Id: Icc4591b32f52c833a49180b198e5dd24294dde37
author: Chad Brubaker <cbrubaker@google.com> 2016-01-19 13:57:03 -0800
committer: Chad Brubaker <cbrubaker@google.com> 2016-01-19 13:58:19 -0800
commit: 46856d9a1367559ba156dd9f16a51ed1a96466f9 (patch)
tree: ed25426d95ca0053032efe7537a172b03ba56aed
parent: 0a468f382494aeff3b1df4b2f41b279a043238b5 (diff)
download: android_external_apache-http-46856d9a1367559ba156dd9f16a51ed1a96466f9.tar.gz
android_external_apache-http-46856d9a1367559ba156dd9f16a51ed1a96466f9.tar.bz2
android_external_apache-http-46856d9a1367559ba156dd9f16a51ed1a96466f9.zip
1 files changed, 17 insertions, 1 deletions
diff --git a/android/src/android/net/http/CertificateChainValidator.java b/android/src/android/net/http/CertificateChainValidator.java
index d45e83f..8f1a9e3 100644
--- a/android/src/android/net/http/CertificateChainValidator.java
+++ b/android/src/android/net/http/CertificateChainValidator.java
@@ -23,6 +23,7 @@ import android.util.Log;
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
+import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
@@ -231,7 +232,22 @@ public class CertificateChainValidator {
                 TrustManagerImpl trustManager = (TrustManagerImpl) x509TrustManager;
                 trustManager.checkServerTrusted(chain, authType, domain);
             } else {
-                x509TrustManager.checkServerTrusted(chain, authType);
+                // Use duck-typing to try and call the hostname aware checkServerTrusted if
+                // available.
+                try {
+                    Method method = x509TrustManager.getClass().getMethod("checkServerTrusted",
+                            X509Certificate[].class,
+                            String.class,
+                            String.class);
+                    method.invoke(x509TrustManager, chain, authType, domain);
+                } catch (NoSuchMethodException | IllegalAccessException e) {
+                    x509TrustManager.checkServerTrusted(chain, authType);
+                } catch (InvocationTargetException e) {
+                    if (e.getCause() instanceof CertificateException) {
+                        throw (CertificateException) e.getCause();
+                    }
+                    throw new RuntimeException(e.getCause());
+                }
             }
             return null;  // No errors.
         } catch (GeneralSecurityException e) {
author	Chad Brubaker <cbrubaker@google.com>	2016-01-19 13:57:03 -0800
committer	Chad Brubaker <cbrubaker@google.com>	2016-01-19 13:58:19 -0800
commit	46856d9a1367559ba156dd9f16a51ed1a96466f9 (patch)
tree	ed25426d95ca0053032efe7537a172b03ba56aed
parent	0a468f382494aeff3b1df4b2f41b279a043238b5 (diff)
download	android_external_apache-http-46856d9a1367559ba156dd9f16a51ed1a96466f9.tar.gz android_external_apache-http-46856d9a1367559ba156dd9f16a51ed1a96466f9.tar.bz2 android_external_apache-http-46856d9a1367559ba156dd9f16a51ed1a96466f9.zip