diff options
author | Pete Bentley <prb@google.com> | 2020-01-09 10:01:23 -0800 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2020-01-09 10:01:23 -0800 |
commit | ebe0c0da248d0dfae72b4a9f46126adff32531ef (patch) | |
tree | 8fbe9f1def929076523a1d7447c717455ec59c67 | |
parent | d45c94d001d26cbb3a696ee67dfe6cd4025efe8b (diff) | |
parent | 08538423214b393edc1da394c9ea8581a74c3935 (diff) | |
download | okhttp-ebe0c0da248d0dfae72b4a9f46126adff32531ef.tar.gz |
Merge "Create strict instances of OKHostnameVerifier on demand."
am: 0853842321
Change-Id: Iae28c407a67bf07962db7276fa1dab2e2d1a946b
3 files changed, 15 insertions, 9 deletions
diff --git a/okhttp-tests/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java b/okhttp-tests/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java index d4187e8..76897fc 100644 --- a/okhttp-tests/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java +++ b/okhttp-tests/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java @@ -51,7 +51,7 @@ public final class HostnameVerifierTest { // subjectAltNameWithToplevelWildcard(), and that test is not parameterized for clarity. return Arrays.asList(new Object[][] { { OkHostnameVerifier.INSTANCE }, - { OkHostnameVerifier.STRICT_INSTANCE } + { OkHostnameVerifier.strictInstance() } }); } @@ -575,7 +575,7 @@ public final class HostnameVerifierTest { + "GUZFKHMeOZ8peQLT8b+5ik6pIO7Vu2pF6w==\n" + "-----END CERTIFICATE-----\n"); assertTrue(OkHostnameVerifier.INSTANCE.verify("google.com", session)); - assertFalse(OkHostnameVerifier.STRICT_INSTANCE.verify("google.com", session)); + assertFalse(OkHostnameVerifier.strictInstance().verify("google.com", session)); } // END Android-added: Verify behaviour with top level wildcard SAN. http://b/144694112 diff --git a/okhttp/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java b/okhttp/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java index d83c5f4..d560c62 100644 --- a/okhttp/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java +++ b/okhttp/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java @@ -35,10 +35,9 @@ import javax.net.ssl.SSLSession; * href="http://www.ietf.org/rfc/rfc2818.txt">RFC 2818</a>. */ public final class OkHostnameVerifier implements HostnameVerifier { - // Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 + // Android-changed: Add a mode which disallows top-level domain wildcards. b/144694112 // public static final OkHostnameVerifier INSTANCE = new OkHostnameVerifier(); public static final OkHostnameVerifier INSTANCE = new OkHostnameVerifier(false); - public static final OkHostnameVerifier STRICT_INSTANCE = new OkHostnameVerifier(true); /** * Quick and dirty pattern to differentiate IP addresses from hostnames. This @@ -57,7 +56,7 @@ public final class OkHostnameVerifier implements HostnameVerifier { private static final int ALT_DNS_NAME = 2; private static final int ALT_IPA_NAME = 7; - // BEGIN Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 + // BEGIN Android-changed: Add a mode which disallows top-level domain wildcards. b/144694112 // private OkHostnameVerifier() { // } private final boolean strictWildcardMode; @@ -65,7 +64,11 @@ public final class OkHostnameVerifier implements HostnameVerifier { private OkHostnameVerifier(boolean strictWildcardMode) { this.strictWildcardMode = strictWildcardMode; } - // END Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 + + public static OkHostnameVerifier strictInstance() { + return new OkHostnameVerifier(true); + } + // END Android-changed: Add a mode which disallows top-level domain wildcards. b/144694112 @Override public boolean verify(String host, SSLSession session) { diff --git a/repackaged/okhttp/src/main/java/com/android/okhttp/internal/tls/OkHostnameVerifier.java b/repackaged/okhttp/src/main/java/com/android/okhttp/internal/tls/OkHostnameVerifier.java index 9985514..d37902f 100644 --- a/repackaged/okhttp/src/main/java/com/android/okhttp/internal/tls/OkHostnameVerifier.java +++ b/repackaged/okhttp/src/main/java/com/android/okhttp/internal/tls/OkHostnameVerifier.java @@ -40,7 +40,6 @@ public final class OkHostnameVerifier implements HostnameVerifier { // Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 // public static final OkHostnameVerifier INSTANCE = new OkHostnameVerifier(); public static final OkHostnameVerifier INSTANCE = new OkHostnameVerifier(false); - public static final OkHostnameVerifier STRICT_INSTANCE = new OkHostnameVerifier(true); /** * Quick and dirty pattern to differentiate IP addresses from hostnames. This @@ -59,7 +58,7 @@ public final class OkHostnameVerifier implements HostnameVerifier { private static final int ALT_DNS_NAME = 2; private static final int ALT_IPA_NAME = 7; - // BEGIN Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 + // BEGIN Android-changed: Add a mode which disallows top-level domain wildcards. b/144694112 // private OkHostnameVerifier() { // } private final boolean strictWildcardMode; @@ -67,7 +66,11 @@ public final class OkHostnameVerifier implements HostnameVerifier { private OkHostnameVerifier(boolean strictWildcardMode) { this.strictWildcardMode = strictWildcardMode; } - // END Android-changed: Add an instance which disallows top-level domain wildcards. b/144694112 + + public static OkHostnameVerifier strictInstance() { + return new OkHostnameVerifier(true); + } + // END Android-changed: Add a mode which disallows top-level domain wildcards. b/144694112 @Override public boolean verify(String host, SSLSession session) { |