diff options
| author | Pete Bentley <prb@google.com> | 2020-01-07 16:47:35 +0000 |
|---|---|---|
| committer | Pete Bentley <prb@google.com> | 2020-01-07 16:47:35 +0000 |
| commit | 63cb1c34ac609344face3e5e9bd064a9947bd47b (patch) | |
| tree | 8fbe9f1def929076523a1d7447c717455ec59c67 | |
| parent | 0db3af9fb3d3f98bd976512522796cf014c3ab13 (diff) | |
| download | okhttp-63cb1c34ac609344face3e5e9bd064a9947bd47b.tar.gz | |
Create strict instances of OKHostnameVerifier on demand.
Most users are never going to need this so don't pre-create an instance.
Bug: 144694112
Test: atest CtsLibcoreOkHttpTestCases:com.squareup.okhttp.internal.tls.HostnameVerifierTest
Test: atest CtsLibcoreTestCases:org.apache.harmony.tests.javax.net.ssl.HostnameVerifierTest
Change-Id: Ie872ac222fc2d1b9f1e4da6bee25f3d4d5a0d722
3 files changed, 15 insertions, 9 deletions
diff --git a/okhttp-tests/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java b/okhttp-tests/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java index d4187e8..76897fc 100644 --- a/okhttp-tests/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java +++ b/okhttp-tests/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java @@ -51,7 +51,7 @@ public final class HostnameVerifierTest { // subjectAltNameWithToplevelWildcard(), and that test is not parameterized for clarity. return Arrays.asList(new Object[][] { { OkHostnameVerifier.INSTANCE }, - { OkHostnameVerifier.STRICT_INSTANCE } + { OkHostnameVerifier.strictInstance() } }); } @@ -575,7 +575,7 @@ public final class HostnameVerifierTest { + "GUZFKHMeOZ8peQLT8b+5ik6pIO7Vu2pF6w==\n" + "-----END CERTIFICATE-----\n"); assertTrue(OkHostnameVerifier.INSTANCE.verify("google.com", session)); - assertFalse(OkHostnameVerifier.STRICT_INSTANCE.verify("google.com", session)); + assertFalse(OkHostnameVerifier.strictInstance().verify("google.com", session)); } // END Android-added: Verify behaviour with top level wildcard SAN. http://b/144694112 diff --git a/okhttp/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java b/okhttp/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java index d83c5f4..d560c62 100644 --- a/okhttp/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java +++ b/okhttp/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java @@ -35,10 +35,9 @@ import javax.net.ssl.SSLSession; * href="http://www.ietf.org/rfc/rfc2818.txt">RFC 2818</a>. */ public final class OkHostnameVerifier implements HostnameVerifier { - // Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 + // Android-changed: Add a mode which disallows top-level domain wildcards. b/144694112 // public static final OkHostnameVerifier INSTANCE = new OkHostnameVerifier(); public static final OkHostnameVerifier INSTANCE = new OkHostnameVerifier(false); - public static final OkHostnameVerifier STRICT_INSTANCE = new OkHostnameVerifier(true); /** * Quick and dirty pattern to differentiate IP addresses from hostnames. This @@ -57,7 +56,7 @@ public final class OkHostnameVerifier implements HostnameVerifier { private static final int ALT_DNS_NAME = 2; private static final int ALT_IPA_NAME = 7; - // BEGIN Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 + // BEGIN Android-changed: Add a mode which disallows top-level domain wildcards. b/144694112 // private OkHostnameVerifier() { // } private final boolean strictWildcardMode; @@ -65,7 +64,11 @@ public final class OkHostnameVerifier implements HostnameVerifier { private OkHostnameVerifier(boolean strictWildcardMode) { this.strictWildcardMode = strictWildcardMode; } - // END Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 + + public static OkHostnameVerifier strictInstance() { + return new OkHostnameVerifier(true); + } + // END Android-changed: Add a mode which disallows top-level domain wildcards. b/144694112 @Override public boolean verify(String host, SSLSession session) { diff --git a/repackaged/okhttp/src/main/java/com/android/okhttp/internal/tls/OkHostnameVerifier.java b/repackaged/okhttp/src/main/java/com/android/okhttp/internal/tls/OkHostnameVerifier.java index 9985514..d37902f 100644 --- a/repackaged/okhttp/src/main/java/com/android/okhttp/internal/tls/OkHostnameVerifier.java +++ b/repackaged/okhttp/src/main/java/com/android/okhttp/internal/tls/OkHostnameVerifier.java @@ -40,7 +40,6 @@ public final class OkHostnameVerifier implements HostnameVerifier { // Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 // public static final OkHostnameVerifier INSTANCE = new OkHostnameVerifier(); public static final OkHostnameVerifier INSTANCE = new OkHostnameVerifier(false); - public static final OkHostnameVerifier STRICT_INSTANCE = new OkHostnameVerifier(true); /** * Quick and dirty pattern to differentiate IP addresses from hostnames. This @@ -59,7 +58,7 @@ public final class OkHostnameVerifier implements HostnameVerifier { private static final int ALT_DNS_NAME = 2; private static final int ALT_IPA_NAME = 7; - // BEGIN Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 + // BEGIN Android-changed: Add a mode which disallows top-level domain wildcards. b/144694112 // private OkHostnameVerifier() { // } private final boolean strictWildcardMode; @@ -67,7 +66,11 @@ public final class OkHostnameVerifier implements HostnameVerifier { private OkHostnameVerifier(boolean strictWildcardMode) { this.strictWildcardMode = strictWildcardMode; } - // END Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 + + public static OkHostnameVerifier strictInstance() { + return new OkHostnameVerifier(true); + } + // END Android-changed: Add a mode which disallows top-level domain wildcards. b/144694112 @Override public boolean verify(String host, SSLSession session) { |