Add option to use MTM without default TrustManager
Add a new "Don't trust system CAs" preference under advanced options that will change the behaviour of the MemorizingTrustManager. All formerly unknown certificates will raise a warning if checked.
This commit is contained in:
		
							parent
							
								
									7eabdfd80f
								
							
						
					
					
						commit
						878066ca99
					
				|  | @ -532,9 +532,7 @@ public class XmppConnectionService extends Service implements OnPhoneContactsLoa | ||||||
| 		ExceptionHelper.init(getApplicationContext()); | 		ExceptionHelper.init(getApplicationContext()); | ||||||
| 		PRNGFixes.apply(); | 		PRNGFixes.apply(); | ||||||
| 		this.mRandom = new SecureRandom(); | 		this.mRandom = new SecureRandom(); | ||||||
| 		this.mMemorizingTrustManager = new MemorizingTrustManager( | 		updateMemorizingTrustmanager(); | ||||||
| 				getApplicationContext()); |  | ||||||
| 
 |  | ||||||
| 		final int maxMemory = (int) (Runtime.getRuntime().maxMemory() / 1024); | 		final int maxMemory = (int) (Runtime.getRuntime().maxMemory() / 1024); | ||||||
| 		final int cacheSize = maxMemory / 8; | 		final int cacheSize = maxMemory / 8; | ||||||
| 		this.mBitmapCache = new LruCache<String, Bitmap>(cacheSize) { | 		this.mBitmapCache = new LruCache<String, Bitmap>(cacheSize) { | ||||||
|  | @ -2185,6 +2183,21 @@ public class XmppConnectionService extends Service implements OnPhoneContactsLoa | ||||||
| 		return this.mMemorizingTrustManager; | 		return this.mMemorizingTrustManager; | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
|  | 	public void setMemorizingTrustManager(MemorizingTrustManager trustManager) { | ||||||
|  | 		this.mMemorizingTrustManager = trustManager; | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	public void updateMemorizingTrustmanager() { | ||||||
|  | 		final MemorizingTrustManager tm; | ||||||
|  | 		final boolean dontTrustSystemCAs = getPreferences().getBoolean("dont_trust_system_cas", false); | ||||||
|  | 		if (dontTrustSystemCAs) { | ||||||
|  | 			 tm = new MemorizingTrustManager(getApplicationContext(), null); | ||||||
|  | 		} else { | ||||||
|  | 			tm = new MemorizingTrustManager(getApplicationContext()); | ||||||
|  | 		} | ||||||
|  | 		setMemorizingTrustManager(tm); | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
| 	public PowerManager getPowerManager() { | 	public PowerManager getPowerManager() { | ||||||
| 		return this.pm; | 		return this.pm; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | @ -79,7 +79,8 @@ public class SettingsActivity extends XmppActivity implements | ||||||
| 					} | 					} | ||||||
| 				} | 				} | ||||||
| 			} | 			} | ||||||
|  | 		} else if (name.equals("dont_trust_system_cas")) { | ||||||
|  | 			xmppConnectionService.updateMemorizingTrustmanager(); | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 
 |  | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -427,6 +427,8 @@ | ||||||
|   <string name="no_application_found_to_display_location">Keine App für die Standort-Anzeige gefunden</string> |   <string name="no_application_found_to_display_location">Keine App für die Standort-Anzeige gefunden</string> | ||||||
|   <string name="location">Standort</string> |   <string name="location">Standort</string> | ||||||
|   <string name="received_location">Standort empfangen</string> |   <string name="received_location">Standort empfangen</string> | ||||||
|  |   <string name="pref_dont_trust_system_cas_title">Misstraue Zertifizierungsstellen</string> | ||||||
|  |   <string name="pref_dont_trust_system_cas_summary">Alle Zertifikate müssen manuell bestätigt werden</string> | ||||||
|   <plurals name="select_contact"> |   <plurals name="select_contact"> | ||||||
|     <item quantity="one">%d Kontakt ausgewählt</item> |     <item quantity="one">%d Kontakt ausgewählt</item> | ||||||
|     <item quantity="other">%d Kontakte ausgewählt</item> |     <item quantity="other">%d Kontakte ausgewählt</item> | ||||||
|  |  | ||||||
|  | @ -454,6 +454,8 @@ | ||||||
|     <string name="no_application_found_to_display_location">No application found to display location</string> |     <string name="no_application_found_to_display_location">No application found to display location</string> | ||||||
|     <string name="location">Location</string> |     <string name="location">Location</string> | ||||||
|     <string name="received_location">Received location</string> |     <string name="received_location">Received location</string> | ||||||
|  | 	<string name="pref_dont_trust_system_cas_title">Don\'t trust system CAs</string> | ||||||
|  | 	<string name="pref_dont_trust_system_cas_summary">All certificates must be manually approved</string> | ||||||
| 	<plurals name="select_contact"> | 	<plurals name="select_contact"> | ||||||
| 		<item quantity="one">Select %d contact</item> | 		<item quantity="one">Select %d contact</item> | ||||||
| 		<item quantity="other">Select %d contacts</item> | 		<item quantity="other">Select %d contacts</item> | ||||||
|  |  | ||||||
|  | @ -147,6 +147,11 @@ | ||||||
|                     android:key="keep_foreground_service" |                     android:key="keep_foreground_service" | ||||||
|                     android:title="@string/pref_keep_foreground_service" |                     android:title="@string/pref_keep_foreground_service" | ||||||
|                     android:summary="@string/pref_keep_foreground_service_summary" /> |                     android:summary="@string/pref_keep_foreground_service_summary" /> | ||||||
|  | 				<CheckBoxPreference | ||||||
|  | 					android:defaultValue="false" | ||||||
|  | 					android:key="dont_trust_system_cas" | ||||||
|  | 					android:title="@string/pref_dont_trust_system_cas_title" | ||||||
|  | 					android:summary="@string/pref_dont_trust_system_cas_summary" /> | ||||||
|             </PreferenceCategory> |             </PreferenceCategory> | ||||||
|         </PreferenceScreen> |         </PreferenceScreen> | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	 BrianBlade
						BrianBlade