diff --git a/build.gradle b/build.gradle index bc17e2a..e7730ee 100644 --- a/build.gradle +++ b/build.gradle @@ -4,7 +4,7 @@ buildscript { } dependencies { - classpath 'com.android.tools.build:gradle:1.3.1' + classpath 'com.android.tools.build:gradle:1.5.0' } } diff --git a/build.sh b/build.sh index 7e6cc46..d441d98 100755 --- a/build.sh +++ b/build.sh @@ -247,6 +247,7 @@ ${SED_CMD} "s/sedpackage/cz\.msebera\.httpclient\.android/g" src/main/AndroidMan cd ${ANDROIDPROJECTPATH} patch ${PACKAGEDIR}/conn/ssl/DefaultHostnameVerifier.java ../patches/DefaultHostnameVerifier.java.patch.4.4.1 patch ${PACKAGEDIR}/conn/ssl/AbstractVerifier.java ../patches/AbstractVerifier.java.patch.4.4.1 +patch ${PACKAGEDIR}/conn/ssl/SSLConnectionSocketFactory.java ../patches/SSLConnectionSocketFactory.java.patch.4.4.1 cp ../patches/DistinguishedNameParser.java ${PACKAGEDIR}/conn/ssl/ echo ">> Gradle build proceed" diff --git a/gradle.properties b/gradle.properties index 1c541ea..2c3fbe2 100755 --- a/gradle.properties +++ b/gradle.properties @@ -1,5 +1,5 @@ -VERSION_NAME=4.4.1.1 -VERSION_CODE=4411 +VERSION_NAME=4.4.1.2 +VERSION_CODE=4412 GROUP=cz.msebera.android POM_ARTIFACT_ID=httpclient diff --git a/patches/AbstractVerifier.java.patch.4.3.5 b/patches/AbstractVerifier.java.patch.4.3.5 deleted file mode 100644 index 5553f94..0000000 --- a/patches/AbstractVerifier.java.patch.4.3.5 +++ /dev/null @@ -1,85 +0,0 @@ -diff --git a/AbstractVerifier2.java b/AbstractVerifier.java -index 83b1236..a785a10 100644 ---- a/AbstractVerifier2.java -+++ b/AbstractVerifier.java -@@ -42,13 +42,8 @@ import java.util.LinkedList; - import java.util.List; - import java.util.Locale; - import java.util.NoSuchElementException; -+import java.util.StringTokenizer; - --/* Javax.Naming package removed by HttpClient for Android script. */ --/* Javax.Naming package removed by HttpClient for Android script. */ --/* Javax.Naming package removed by HttpClient for Android script. */ --/* Javax.Naming package removed by HttpClient for Android script. */ --/* Javax.Naming package removed by HttpClient for Android script. */ --/* Javax.Naming package removed by HttpClient for Android script. */ - import javax.net.ssl.SSLException; - import javax.net.ssl.SSLSession; - import javax.net.ssl.SSLSocket; -@@ -272,29 +267,44 @@ public abstract class AbstractVerifier implements X509HostnameVerifier { - if (subjectPrincipal == null) { - return null; - } -- final List cns = new ArrayList(); -- try { -- final LdapName subjectDN = new LdapName(subjectPrincipal); -- final List rdns = subjectDN.getRdns(); -- for (int i = rdns.size() - 1; i >= 0; i--) { -- final Rdn rds = rdns.get(i); -- final Attributes attributes = rds.toAttributes(); -- final Attribute cn = attributes.get("cn"); -- if (cn != null) { -- try { -- final Object value = cn.get(); -- if (value != null) { -- cns.add(value.toString()); -- } -- } catch (NoSuchElementException ignore) { -- } catch (NamingException ignore) { -- } -- } -+ LinkedList cnList = new LinkedList(); -+ /* -+ Sebastian Hauer's original StrictSSLProtocolSocketFactory used -+ getName() and had the following comment: -+ -+ Parses a X.500 distinguished name for the value of the -+ "Common Name" field. This is done a bit sloppy right -+ now and should probably be done a bit more according to -+ RFC 2253. -+ -+ I've noticed that toString() seems to do a better job than -+ getName() on these X500Principal objects, so I'm hoping that -+ addresses Sebastian's concern. -+ -+ For example, getName() gives me this: -+ 1.2.840.113549.1.9.1=#16166a756c6975736461766965734063756362632e636f6d -+ -+ whereas toString() gives me this: -+ EMAILADDRESS=juliusdavies@cucbc.com -+ -+ Looks like toString() even works with non-ascii domain names! -+ I tested it with "花子.co.jp" and it worked fine. -+ */ -+ StringTokenizer st = new StringTokenizer(subjectPrincipal, ","); -+ while (st.hasMoreTokens()) { -+ String tok = st.nextToken(); -+ int x = tok.indexOf("CN="); -+ if (x >= 0) { -+ cnList.add(tok.substring(x + 3)); - } -- } catch (InvalidNameException e) { -- throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name"); - } -- return cns.isEmpty() ? null : cns.toArray(new String[ cns.size() ]); -+ if (!cnList.isEmpty()) { -+ String[] cns = new String[cnList.size()]; -+ cnList.toArray(cns); -+ return cns; -+ } else { -+ return null; -+ } - } - - /** diff --git a/patches/SSLConnectionSocketFactory.java.patch.4.4.1 b/patches/SSLConnectionSocketFactory.java.patch.4.4.1 new file mode 100644 index 0000000..74d9acb --- /dev/null +++ b/patches/SSLConnectionSocketFactory.java.patch.4.4.1 @@ -0,0 +1,27 @@ +29a30,35 +> import android.os.Build; +> import android.util.Log; +> import android.annotation.TargetApi; +> import java.lang.reflect.InvocationTargetException; +> import java.lang.reflect.Method; +> +138a145 +> public static final String TAG = "SSLConnSockFact"; +393a401,417 +> +> // Android specific code to enable SNI +> if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) { +> if (Log.isLoggable(TAG, Log.DEBUG)) { +> Log.d(TAG, "Enabling SNI for " + target); +> } +> try { +> Method method = sslsock.getClass().getMethod("setHostname", String.class); +> method.invoke(sslsock, target); +> } catch (Exception ex) { +> if (Log.isLoggable(TAG, Log.DEBUG)) { +> Log.d(TAG, "SNI configuration failed", ex); +> } +> } +> } +> // End of Android specific code +>