Convert everything to HTTPS

[fonbot.git] / src / ro / ieval / fonbot / HttpCallExecutableRunnable.java

diff --git a/src/ro/ieval/fonbot/HttpCallExecutableRunnable.java b/src/ro/ieval/fonbot/HttpCallExecutableRunnable.java
index 34c5d8d8260265be43ee1e6edee0460d1accf95b..469f27d9073853ca6f85ff83ecc046cbc526a89c 100644 (file)
--- a/src/ro/ieval/fonbot/HttpCallExecutableRunnable.java
+++ b/src/ro/ieval/fonbot/HttpCallExecutableRunnable.java
@@ -5,10 +5,16 @@ import static ro.ieval.fonbot.Utils.toNonNull;
 
 import java.io.InputStream;
 import java.io.OutputStream;
-import java.net.HttpURLConnection;
 import java.net.URL;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
 import java.util.Collection;
 
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.X509TrustManager;
+
 import org.eclipse.jdt.annotation.Nullable;
 
 import android.content.Context;
@@ -38,11 +44,35 @@ import com.google.android.gcm.GCMRegistrar;
  */
 
 /**
- * ExecutableRunnable that makes a HTTP call to the server and hands the response to a callback
+ * ExecutableRunnable that makes a HTTPS call to the server and hands the response to a callback
  *
  * @author Marius Gavrilescu <marius@ieval.ro>
  */
 public final class HttpCallExecutableRunnable extends ExecutableRunnable{
+       /**
+        * X509TrustManager that trusts any certificate
+        *
+        * @author Marius Gavrilescu
+        */
+       private static final class TotallyInsecureTrustManager implements X509TrustManager {
+               @Override
+               public @Nullable X509Certificate[] getAcceptedIssuers() {
+                       return new X509Certificate[0];
+               }
+
+               @Override
+               public void checkServerTrusted(final @Nullable X509Certificate[] chain, final @Nullable String authType)
+                               throws CertificateException {
+                       //do nothing
+               }
+
+               @Override
+               public void checkClientTrusted(final @Nullable X509Certificate[] chain, final @Nullable String authType)
+                               throws CertificateException {
+                       //do nothing
+               }
+       }
+
        /**
         * Callback which is run after a HTTP call.
         *
@@ -65,6 +95,19 @@ public final class HttpCallExecutableRunnable extends ExecutableRunnable{
                public void onError(final String error);
        }
 
+       /** SSLSocketFactory that uses {@link TotallyInsecureTrustManager} */
+       private static final SSLSocketFactory DEFAULT_SOCKET_FACTORY;
+       static{
+               try{
+                       final SSLContext sslcontext=SSLContext.getInstance("TLS");
+                       sslcontext.init(null, new X509TrustManager[]{new TotallyInsecureTrustManager()}, null);
+                       DEFAULT_SOCKET_FACTORY=sslcontext.getSocketFactory();
+               } catch(final Exception e){
+                       Log.wtf("HttpCallExecutableRunnable", "Cannot create SSLSocketFactory", e);
+                       throw new AssertionError("Log.wtf did not terminate the process");
+               }
+       }
+
        /**
         * List of extra request headers.
         */
@@ -127,7 +170,8 @@ public final class HttpCallExecutableRunnable extends ExecutableRunnable{
        public void run() {
                try {
                        final URL url=Utils.getServerURL(toNonNull(context),toNonNull(path));
-                       final HttpURLConnection conn=(HttpURLConnection) url.openConnection();
+                       final HttpsURLConnection conn=(HttpsURLConnection) url.openConnection();
+                       conn.setSSLSocketFactory(DEFAULT_SOCKET_FACTORY);
                        if(data!=null){
                                conn.setDoOutput(true);
                                conn.setFixedLengthStreamingMode(data.length);