From 9717b83e6d3b8b664a2e465f96c8d67eb559ea47 Mon Sep 17 00:00:00 2001
From: Marius Gavrilescu <marius@ieval.ro>
Date: Fri, 22 Mar 2013 13:20:44 +0200
Subject: [PATCH] Convert everything to HTTPS

HttpCallExecutableRunnable and others now use HTTPS instead of HTTP. The default server hostname was also changed to fonbot.ieval.ro.
---
 res/xml/prefs.xml                             |  2 +-
 .../fonbot/HttpCallExecutableRunnable.java    | 50 +++++++++++++++++--
 src/ro/ieval/fonbot/Utils.java                |  4 +-
 3 files changed, 50 insertions(+), 6 deletions(-)

diff --git a/res/xml/prefs.xml b/res/xml/prefs.xml
index a962a76..fb4c54a 100644
--- a/res/xml/prefs.xml
+++ b/res/xml/prefs.xml
@@ -6,6 +6,6 @@
     <CheckBoxPreference android:title="Device administration" android:summaryOn="Device administration is enabled." android:key="admin" android:summaryOff="Device administration is disabled. Some commands require device administration."/><CheckBoxPreference android:key="foreground" android:title="Run service in foreground" android:summaryOn="The FonBot service is kept in foreground. " android:summaryOff="The FonBot service is not kept in foreground."/><CheckBoxPreference android:key="poll_on_screen_on" android:summaryOff="The server is not polled when the screen is turned on" android:summaryOn="The server is polled when the screen is turned on" android:title="Poll server on screen on"/>
     <CheckBoxPreference android:key="system" android:summaryOff="FonBot is not a system app. Changing this requires root and busybox" android:title="System App" android:summaryOn="FonBot is a system app. Changing this requires root and busybox"/>
     
-    <EditTextPreference android:dialogTitle="Server hostname" android:title="Server hostname" android:dialogMessage="Server hostname. Do not change unless you know what you are doing!" android:key="hostname" android:defaultValue="ieval.ro" android:summary="ieval.ro"/>
+    <EditTextPreference android:dialogTitle="Server hostname" android:title="Server hostname" android:dialogMessage="Server hostname. Do not change unless you know what you are doing!" android:key="hostname" android:defaultValue="fonbot.ieval.ro" android:summary="fonbot.ieval.ro"/>
     <EditTextPreference android:dialogMessage="Server port. Do not change unless you know what you are doing!" android:dialogTitle="Server port" android:title="Server port" android:summary="7777" android:defaultValue="7777" android:key="port"/>
 </PreferenceScreen>
\ No newline at end of file
diff --git a/src/ro/ieval/fonbot/HttpCallExecutableRunnable.java b/src/ro/ieval/fonbot/HttpCallExecutableRunnable.java
index 34c5d8d..469f27d 100644
--- a/src/ro/ieval/fonbot/HttpCallExecutableRunnable.java
+++ b/src/ro/ieval/fonbot/HttpCallExecutableRunnable.java
@@ -5,10 +5,16 @@ import static ro.ieval.fonbot.Utils.toNonNull;
 
 import java.io.InputStream;
 import java.io.OutputStream;
-import java.net.HttpURLConnection;
 import java.net.URL;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
 import java.util.Collection;
 
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.X509TrustManager;
+
 import org.eclipse.jdt.annotation.Nullable;
 
 import android.content.Context;
@@ -38,11 +44,35 @@ import com.google.android.gcm.GCMRegistrar;
  */
 
 /**
- * ExecutableRunnable that makes a HTTP call to the server and hands the response to a callback
+ * ExecutableRunnable that makes a HTTPS call to the server and hands the response to a callback
  *
  * @author Marius Gavrilescu <marius@ieval.ro>
  */
 public final class HttpCallExecutableRunnable extends ExecutableRunnable{
+	/**
+	 * X509TrustManager that trusts any certificate
+	 *
+	 * @author Marius Gavrilescu
+	 */
+	private static final class TotallyInsecureTrustManager implements X509TrustManager {
+		@Override
+		public @Nullable X509Certificate[] getAcceptedIssuers() {
+			return new X509Certificate[0];
+		}
+
+		@Override
+		public void checkServerTrusted(final @Nullable X509Certificate[] chain, final @Nullable String authType)
+				throws CertificateException {
+			//do nothing
+		}
+
+		@Override
+		public void checkClientTrusted(final @Nullable X509Certificate[] chain, final @Nullable String authType)
+				throws CertificateException {
+			//do nothing
+		}
+	}
+
 	/**
 	 * Callback which is run after a HTTP call.
 	 *
@@ -65,6 +95,19 @@ public final class HttpCallExecutableRunnable extends ExecutableRunnable{
 		public void onError(final String error);
 	}
 
+	/** SSLSocketFactory that uses {@link TotallyInsecureTrustManager} */
+	private static final SSLSocketFactory DEFAULT_SOCKET_FACTORY;
+	static{
+		try{
+			final SSLContext sslcontext=SSLContext.getInstance("TLS");
+			sslcontext.init(null, new X509TrustManager[]{new TotallyInsecureTrustManager()}, null);
+			DEFAULT_SOCKET_FACTORY=sslcontext.getSocketFactory();
+		} catch(final Exception e){
+			Log.wtf("HttpCallExecutableRunnable", "Cannot create SSLSocketFactory", e);
+			throw new AssertionError("Log.wtf did not terminate the process");
+		}
+	}
+
 	/**
 	 * List of extra request headers.
 	 */
@@ -127,7 +170,8 @@ public final class HttpCallExecutableRunnable extends ExecutableRunnable{
 	public void run() {
 		try {
 			final URL url=Utils.getServerURL(toNonNull(context),toNonNull(path));
-			final HttpURLConnection conn=(HttpURLConnection) url.openConnection();
+			final HttpsURLConnection conn=(HttpsURLConnection) url.openConnection();
+			conn.setSSLSocketFactory(DEFAULT_SOCKET_FACTORY);
 			if(data!=null){
 				conn.setDoOutput(true);
 				conn.setFixedLengthStreamingMode(data.length);
diff --git a/src/ro/ieval/fonbot/Utils.java b/src/ro/ieval/fonbot/Utils.java
index e14095e..c699356 100644
--- a/src/ro/ieval/fonbot/Utils.java
+++ b/src/ro/ieval/fonbot/Utils.java
@@ -419,9 +419,9 @@ public final class Utils {
 	 * @throws MalformedURLException if the user preferences create an invalid URL
 	 */
 	public static URL getServerURL(final Context context, final String path) throws MalformedURLException{
-		final String hostname=PreferenceManager.getDefaultSharedPreferences(context).getString("hostname", "ieval.ro");
+		final String hostname=PreferenceManager.getDefaultSharedPreferences(context).getString("hostname", "fonbot.ieval.ro");
 		final int port=Integer.parseInt(PreferenceManager.getDefaultSharedPreferences(context).getString("port", "7777"));
-		final URL url=new URL("http", hostname, port, path);
+		final URL url=new URL("https", hostname, port, path);
 		return url;
 	}
 
-- 
2.30.2