add option to trust all SSL certificates
This commit is contained in:
parent
d30bb778c0
commit
0bf4c51052
@ -21,6 +21,7 @@
|
|||||||
<string name="preferences">Preferences</string>
|
<string name="preferences">Preferences</string>
|
||||||
<string name="theme_light">Light</string>
|
<string name="theme_light">Light</string>
|
||||||
<string name="login_api_disabled">Login failed: API disabled.</string>
|
<string name="login_api_disabled">Login failed: API disabled.</string>
|
||||||
|
<string name="login_no_data">Login failed: no data received.</string>
|
||||||
<string name="login_wrong_password">Login failed: username or password incorrect.</string>
|
<string name="login_wrong_password">Login failed: username or password incorrect.</string>
|
||||||
<string name="login_success">Logged in.</string>
|
<string name="login_success">Logged in.</string>
|
||||||
<string name="no_unread_feeds">No unread feeds.</string>
|
<string name="no_unread_feeds">No unread feeds.</string>
|
||||||
@ -36,4 +37,5 @@
|
|||||||
<string name="load_more_articles">Load more...</string>
|
<string name="load_more_articles">Load more...</string>
|
||||||
<string name="show_all_articles">Show all articles</string>
|
<string name="show_all_articles">Show all articles</string>
|
||||||
<string name="show_unread_articles">Show unread articles</string>
|
<string name="show_unread_articles">Show unread articles</string>
|
||||||
|
<string name="ssl_trust_any">Accept any SSL certificate</string>
|
||||||
</resources>
|
</resources>
|
||||||
|
@ -8,7 +8,7 @@
|
|||||||
<EditTextPreference android:title="@string/login" android:key="login" android:singleLine="true"></EditTextPreference>
|
<EditTextPreference android:title="@string/login" android:key="login" android:singleLine="true"></EditTextPreference>
|
||||||
<EditTextPreference android:title="@string/password" android:key="password" android:singleLine="true" android:password="true"></EditTextPreference>
|
<EditTextPreference android:title="@string/password" android:key="password" android:singleLine="true" android:password="true"></EditTextPreference>
|
||||||
<EditTextPreference android:key="ttrss_url" android:title="@string/ttrss_url" android:singleLine="true" textUri="true" android:hint="@string/default_url"></EditTextPreference>
|
<EditTextPreference android:key="ttrss_url" android:title="@string/ttrss_url" android:singleLine="true" textUri="true" android:hint="@string/default_url"></EditTextPreference>
|
||||||
<!-- <CheckBoxPreference android:defaultValue="true" android:title="@string/auto_login" android:key="auto_login" /> -->
|
<CheckBoxPreference android:defaultValue="false" android:title="@string/ssl_trust_any" android:key="ssl_trust_any" />
|
||||||
|
|
||||||
</PreferenceCategory>
|
</PreferenceCategory>
|
||||||
|
|
||||||
|
@ -7,8 +7,14 @@ import java.util.HashMap;
|
|||||||
|
|
||||||
import org.apache.http.HttpResponse;
|
import org.apache.http.HttpResponse;
|
||||||
import org.apache.http.client.methods.HttpPost;
|
import org.apache.http.client.methods.HttpPost;
|
||||||
|
import org.apache.http.conn.scheme.PlainSocketFactory;
|
||||||
|
import org.apache.http.conn.scheme.Scheme;
|
||||||
|
import org.apache.http.conn.scheme.SchemeRegistry;
|
||||||
import org.apache.http.entity.StringEntity;
|
import org.apache.http.entity.StringEntity;
|
||||||
import org.apache.http.impl.client.DefaultHttpClient;
|
import org.apache.http.impl.client.DefaultHttpClient;
|
||||||
|
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
|
||||||
|
import org.apache.http.params.BasicHttpParams;
|
||||||
|
import org.apache.http.params.HttpParams;
|
||||||
|
|
||||||
import android.os.AsyncTask;
|
import android.os.AsyncTask;
|
||||||
import android.util.Log;
|
import android.util.Log;
|
||||||
@ -26,11 +32,16 @@ public class ApiRequest extends AsyncTask<HashMap<String,String>, Integer, JsonE
|
|||||||
protected static final int STATUS_OTHER_ERROR = 3;
|
protected static final int STATUS_OTHER_ERROR = 3;
|
||||||
|
|
||||||
private String m_api;
|
private String m_api;
|
||||||
|
private boolean m_trustAny = false;
|
||||||
|
|
||||||
protected void setApi(String api) {
|
protected void setApi(String api) {
|
||||||
m_api = api;
|
m_api = api;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void setTrustAny(boolean trust) {
|
||||||
|
m_trustAny = trust;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected JsonElement doInBackground(HashMap<String, String>... params) {
|
protected JsonElement doInBackground(HashMap<String, String>... params) {
|
||||||
|
|
||||||
@ -38,9 +49,22 @@ public class ApiRequest extends AsyncTask<HashMap<String,String>, Integer, JsonE
|
|||||||
|
|
||||||
String requestStr = gson.toJson(new HashMap<String,String>(params[0]));
|
String requestStr = gson.toJson(new HashMap<String,String>(params[0]));
|
||||||
|
|
||||||
Log.d(TAG, ">>> (" + requestStr + ") " + m_api);
|
//Log.d(TAG, ">>> (" + requestStr + ") " + m_api);
|
||||||
|
|
||||||
|
DefaultHttpClient client;
|
||||||
|
|
||||||
|
if (m_trustAny) {
|
||||||
|
SchemeRegistry schemeRegistry = new SchemeRegistry();
|
||||||
|
schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
|
||||||
|
schemeRegistry.register(new Scheme("https", new EasySSLSocketFactory(), 443));
|
||||||
|
|
||||||
|
HttpParams httpParams = new BasicHttpParams();
|
||||||
|
|
||||||
|
client = new DefaultHttpClient(new ThreadSafeClientConnManager(httpParams, schemeRegistry), httpParams);
|
||||||
|
} else {
|
||||||
|
client = new DefaultHttpClient();
|
||||||
|
}
|
||||||
|
|
||||||
DefaultHttpClient client = new DefaultHttpClient();
|
|
||||||
HttpPost httpPost = new HttpPost(m_api + "/api/");
|
HttpPost httpPost = new HttpPost(m_api + "/api/");
|
||||||
|
|
||||||
try {
|
try {
|
||||||
@ -68,6 +92,7 @@ public class ApiRequest extends AsyncTask<HashMap<String,String>, Integer, JsonE
|
|||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
e.printStackTrace();
|
e.printStackTrace();
|
||||||
}
|
}
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
120
src/org/fox/ttrss/EasySSLSocketFactory.java
Normal file
120
src/org/fox/ttrss/EasySSLSocketFactory.java
Normal file
@ -0,0 +1,120 @@
|
|||||||
|
package org.fox.ttrss;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.InetAddress;
|
||||||
|
import java.net.InetSocketAddress;
|
||||||
|
import java.net.Socket;
|
||||||
|
import java.net.UnknownHostException;
|
||||||
|
|
||||||
|
import javax.net.ssl.SSLContext;
|
||||||
|
import javax.net.ssl.SSLSocket;
|
||||||
|
import javax.net.ssl.TrustManager;
|
||||||
|
|
||||||
|
import org.apache.http.conn.ConnectTimeoutException;
|
||||||
|
import org.apache.http.conn.scheme.LayeredSocketFactory;
|
||||||
|
import org.apache.http.conn.scheme.SocketFactory;
|
||||||
|
import org.apache.http.params.HttpConnectionParams;
|
||||||
|
import org.apache.http.params.HttpParams;
|
||||||
|
|
||||||
|
public class EasySSLSocketFactory implements SocketFactory, LayeredSocketFactory
|
||||||
|
{
|
||||||
|
private SSLContext sslcontext = null;
|
||||||
|
|
||||||
|
private static SSLContext createEasySSLContext() throws IOException
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
SSLContext context = SSLContext.getInstance("TLS");
|
||||||
|
context.init(null, new TrustManager[] { new EasyX509TrustManager() }, null);
|
||||||
|
return context;
|
||||||
|
}
|
||||||
|
catch (Exception e)
|
||||||
|
{
|
||||||
|
throw new IOException(e.getMessage());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private SSLContext getSSLContext() throws IOException
|
||||||
|
{
|
||||||
|
if (this.sslcontext == null)
|
||||||
|
{
|
||||||
|
this.sslcontext = createEasySSLContext();
|
||||||
|
}
|
||||||
|
return this.sslcontext;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see org.apache.http.conn.scheme.SocketFactory#connectSocket(java.net.Socket, java.lang.String, int,
|
||||||
|
* java.net.InetAddress, int, org.apache.http.params.HttpParams)
|
||||||
|
*/
|
||||||
|
public Socket connectSocket(Socket sock,
|
||||||
|
String host,
|
||||||
|
int port,
|
||||||
|
InetAddress localAddress,
|
||||||
|
int localPort,
|
||||||
|
HttpParams params)
|
||||||
|
|
||||||
|
throws IOException, UnknownHostException, ConnectTimeoutException
|
||||||
|
{
|
||||||
|
int connTimeout = HttpConnectionParams.getConnectionTimeout(params);
|
||||||
|
int soTimeout = HttpConnectionParams.getSoTimeout(params);
|
||||||
|
InetSocketAddress remoteAddress = new InetSocketAddress(host, port);
|
||||||
|
SSLSocket sslsock = (SSLSocket) ((sock != null) ? sock : createSocket());
|
||||||
|
|
||||||
|
if ((localAddress != null) || (localPort > 0))
|
||||||
|
{
|
||||||
|
// we need to bind explicitly
|
||||||
|
if (localPort < 0)
|
||||||
|
{
|
||||||
|
localPort = 0; // indicates "any"
|
||||||
|
}
|
||||||
|
InetSocketAddress isa = new InetSocketAddress(localAddress, localPort);
|
||||||
|
sslsock.bind(isa);
|
||||||
|
}
|
||||||
|
|
||||||
|
sslsock.connect(remoteAddress, connTimeout);
|
||||||
|
sslsock.setSoTimeout(soTimeout);
|
||||||
|
return sslsock;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see org.apache.http.conn.scheme.SocketFactory#createSocket()
|
||||||
|
*/
|
||||||
|
public Socket createSocket() throws IOException {
|
||||||
|
return getSSLContext().getSocketFactory().createSocket();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see org.apache.http.conn.scheme.SocketFactory#isSecure(java.net.Socket)
|
||||||
|
*/
|
||||||
|
public boolean isSecure(Socket socket) throws IllegalArgumentException {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see org.apache.http.conn.scheme.LayeredSocketFactory#createSocket(java.net.Socket, java.lang.String, int,
|
||||||
|
* boolean)
|
||||||
|
*/
|
||||||
|
public Socket createSocket(Socket socket,
|
||||||
|
String host,
|
||||||
|
int port,
|
||||||
|
boolean autoClose) throws IOException,
|
||||||
|
UnknownHostException
|
||||||
|
{
|
||||||
|
return getSSLContext().getSocketFactory().createSocket(socket, host, port, autoClose);
|
||||||
|
}
|
||||||
|
|
||||||
|
// -------------------------------------------------------------------
|
||||||
|
// javadoc in org.apache.http.conn.scheme.SocketFactory says :
|
||||||
|
// Both Object.equals() and Object.hashCode() must be overridden
|
||||||
|
// for the correct operation of some connection managers
|
||||||
|
// -------------------------------------------------------------------
|
||||||
|
|
||||||
|
public boolean equals(Object obj) {
|
||||||
|
return ((obj != null) && obj.getClass().equals(EasySSLSocketFactory.class));
|
||||||
|
}
|
||||||
|
|
||||||
|
public int hashCode() {
|
||||||
|
return EasySSLSocketFactory.class.hashCode();
|
||||||
|
}
|
||||||
|
}
|
26
src/org/fox/ttrss/EasyX509TrustManager.java
Normal file
26
src/org/fox/ttrss/EasyX509TrustManager.java
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
|
||||||
|
package org.fox.ttrss;
|
||||||
|
|
||||||
|
import java.security.cert.CertificateException;
|
||||||
|
import java.security.cert.X509Certificate;
|
||||||
|
|
||||||
|
import javax.net.ssl.X509TrustManager;
|
||||||
|
|
||||||
|
// http://stackoverflow.com/questions/6989116/httpget-not-working-due-to-not-trusted-server-certificate-but-it-works-with-ht
|
||||||
|
|
||||||
|
public class EasyX509TrustManager implements X509TrustManager {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void checkClientTrusted(X509Certificate[] chain, String authType)
|
||||||
|
throws CertificateException { }
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void checkServerTrusted(X509Certificate[] chain, String authType)
|
||||||
|
throws CertificateException { }
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public X509Certificate[] getAcceptedIssuers() {
|
||||||
|
return new X509Certificate[0];
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -133,6 +133,7 @@ public class FeedsFragment extends Fragment implements OnItemClickListener {
|
|||||||
FeedsRequest fr = new FeedsRequest();
|
FeedsRequest fr = new FeedsRequest();
|
||||||
|
|
||||||
fr.setApi(m_prefs.getString("ttrss_url", null));
|
fr.setApi(m_prefs.getString("ttrss_url", null));
|
||||||
|
fr.setTrustAny(m_prefs.getBoolean("ssl_trust_any", false));
|
||||||
|
|
||||||
final String sessionId = ((MainActivity)getActivity()).getSessionId();
|
final String sessionId = ((MainActivity)getActivity()).getSessionId();
|
||||||
final boolean unreadOnly = ((MainActivity)getActivity()).getUnreadOnly();
|
final boolean unreadOnly = ((MainActivity)getActivity()).getUnreadOnly();
|
||||||
@ -212,8 +213,9 @@ public class FeedsFragment extends Fragment implements OnItemClickListener {
|
|||||||
// report null object received
|
// report null object received
|
||||||
}
|
}
|
||||||
|
|
||||||
return;
|
showLoading(false);
|
||||||
|
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -125,6 +125,7 @@ public class HeadlinesFragment extends Fragment implements OnItemClickListener {
|
|||||||
HeadlinesRequest req = new HeadlinesRequest();
|
HeadlinesRequest req = new HeadlinesRequest();
|
||||||
|
|
||||||
req.setApi(m_prefs.getString("ttrss_url", null));
|
req.setApi(m_prefs.getString("ttrss_url", null));
|
||||||
|
req.setTrustAny(m_prefs.getBoolean("ssl_trust_any", false));
|
||||||
|
|
||||||
final String sessionId = ((MainActivity)getActivity()).getSessionId();
|
final String sessionId = ((MainActivity)getActivity()).getSessionId();
|
||||||
final boolean showUnread = ((MainActivity)getActivity()).getUnreadArticlesOnly();
|
final boolean showUnread = ((MainActivity)getActivity()).getUnreadArticlesOnly();
|
||||||
@ -226,6 +227,8 @@ public class HeadlinesFragment extends Fragment implements OnItemClickListener {
|
|||||||
// report null object
|
// report null object
|
||||||
}
|
}
|
||||||
|
|
||||||
|
showLoading(false);
|
||||||
|
|
||||||
return;
|
return;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -490,8 +490,10 @@ public class MainActivity extends FragmentActivity implements FeedsFragment.OnFe
|
|||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
e.printStackTrace();
|
e.printStackTrace();
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
setLoadingStatus(R.string.login_no_data, false);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@ -601,6 +603,7 @@ public class MainActivity extends FragmentActivity implements FeedsFragment.OnFe
|
|||||||
|
|
||||||
LoginRequest ar = new LoginRequest();
|
LoginRequest ar = new LoginRequest();
|
||||||
ar.setApi(m_prefs.getString("ttrss_url", null));
|
ar.setApi(m_prefs.getString("ttrss_url", null));
|
||||||
|
ar.setTrustAny(m_prefs.getBoolean("ssl_trust_any", false));
|
||||||
|
|
||||||
HashMap<String,String> map = new HashMap<String,String>() {
|
HashMap<String,String> map = new HashMap<String,String>() {
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user