diff options
Diffstat (limited to 'src/com/android/providers/downloads/DownloadThread.java')
-rw-r--r-- | src/com/android/providers/downloads/DownloadThread.java | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/com/android/providers/downloads/DownloadThread.java b/src/com/android/providers/downloads/DownloadThread.java index da51e9d4..34d6ad1a 100644 --- a/src/com/android/providers/downloads/DownloadThread.java +++ b/src/com/android/providers/downloads/DownloadThread.java @@ -85,6 +85,10 @@ import java.net.MalformedURLException; import java.net.ProtocolException; import java.net.URL; import java.net.URLConnection; +import java.security.GeneralSecurityException; + +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; /** * Task which executes a given {@link DownloadInfo}: making network requests, @@ -403,6 +407,13 @@ public class DownloadThread extends Thread { } boolean cleartextTrafficPermitted = mSystemFacade.isCleartextTrafficPermitted(mInfo.mUid); + SSLContext appContext; + try { + appContext = mSystemFacade.getSSLContextForPackage(mContext, mInfo.mPackage); + } catch (GeneralSecurityException e) { + // This should never happen. + throw new StopRequestException(STATUS_UNKNOWN_ERROR, "Unable to create SSLContext."); + } int redirectionCount = 0; while (redirectionCount++ < Constants.MAX_REDIRECTS) { // Enforce the cleartext traffic opt-out for the UID. This cannot be enforced earlier @@ -424,6 +435,11 @@ public class DownloadThread extends Thread { conn.setInstanceFollowRedirects(false); conn.setConnectTimeout(DEFAULT_TIMEOUT); conn.setReadTimeout(DEFAULT_TIMEOUT); + // If this is going over HTTPS configure the trust to be the same as the calling + // package. + if (conn instanceof HttpsURLConnection) { + ((HttpsURLConnection)conn).setSSLSocketFactory(appContext.getSocketFactory()); + } addRequestHeaders(conn, resuming); |