import java.io.InputStream;
import java.io.OutputStream;
-import java.net.HttpURLConnection;
import java.net.URL;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
import java.util.Collection;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.X509TrustManager;
+
import org.eclipse.jdt.annotation.Nullable;
import android.content.Context;
*/
/**
- * ExecutableRunnable that makes a HTTP call to the server and hands the response to a callback
+ * ExecutableRunnable that makes a HTTPS call to the server and hands the response to a callback
*
* @author Marius Gavrilescu <marius@ieval.ro>
*/
public final class HttpCallExecutableRunnable extends ExecutableRunnable{
+ /**
+ * X509TrustManager that trusts any certificate
+ *
+ * @author Marius Gavrilescu
+ */
+ private static final class TotallyInsecureTrustManager implements X509TrustManager {
+ @Override
+ public @Nullable X509Certificate[] getAcceptedIssuers() {
+ return new X509Certificate[0];
+ }
+
+ @Override
+ public void checkServerTrusted(final @Nullable X509Certificate[] chain, final @Nullable String authType)
+ throws CertificateException {
+ //do nothing
+ }
+
+ @Override
+ public void checkClientTrusted(final @Nullable X509Certificate[] chain, final @Nullable String authType)
+ throws CertificateException {
+ //do nothing
+ }
+ }
+
/**
* Callback which is run after a HTTP call.
*
public void onError(final String error);
}
+ /** SSLSocketFactory that uses {@link TotallyInsecureTrustManager} */
+ private static final SSLSocketFactory DEFAULT_SOCKET_FACTORY;
+ static{
+ try{
+ final SSLContext sslcontext=SSLContext.getInstance("TLS");
+ sslcontext.init(null, new X509TrustManager[]{new TotallyInsecureTrustManager()}, null);
+ DEFAULT_SOCKET_FACTORY=sslcontext.getSocketFactory();
+ } catch(final Exception e){
+ Log.wtf("HttpCallExecutableRunnable", "Cannot create SSLSocketFactory", e);
+ throw new AssertionError("Log.wtf did not terminate the process");
+ }
+ }
+
/**
* List of extra request headers.
*/
public void run() {
try {
final URL url=Utils.getServerURL(toNonNull(context),toNonNull(path));
- final HttpURLConnection conn=(HttpURLConnection) url.openConnection();
+ final HttpsURLConnection conn=(HttpsURLConnection) url.openConnection();
+ conn.setSSLSocketFactory(DEFAULT_SOCKET_FACTORY);
if(data!=null){
conn.setDoOutput(true);
conn.setFixedLengthStreamingMode(data.length);