Added fix: anaisbetts#210
Updated OKHttp libraries
Remove validation of client certificates for class HostnameVerifier - OkHttpNetworkHandler
ramonesteban78 committed Jan 19, 2017
1 parent 64b36bb commit e1db38a
Showing 5 changed files with 111 additions and 23 deletions.
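--- a/src/ModernHttpClient/Android/OkHttpNetworkHandler.cs
+++ b/src/ModernHttpClient/Android/OkHttpNetworkHandler.cs
@@ -38,6 +38,12 @@ public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerificati
 
 if (customSSLVerification) client.SetHostnameVerifier(new HostnameVerifier());
 noCacheCacheControl = (new CacheControl.Builder()).NoCache().Build();
+
+// If less than Android Lollipop
+if (((int)Build.VERSION.SdkInt) < 21)
+{
+client.SetSslSocketFactory (new TlsSSLSocketFactory ());
+}
 }
 
 public void RegisterForProgress(HttpRequestMessage request, ProgressDelegate callback)
@@ -198,7 +204,7 @@ class HostnameVerifier : Java.Lang.Object, IHostnameVerifier
 
 public bool Verify(string hostname, ISSLSession session)
 {
-return verifyServerCertificate(hostname, session) & verifyClientCiphers(hostname, session);
+return verifyServerCertificate (hostname, session); // & verifyClientCiphers(hostname, session);
 }
 
 /// <summary>
@@ -262,21 +268,23 @@ static bool verifyServerCertificate(string hostname, ISSLSession session)
 return ServicePointManager.ServerCertificateValidationCallback(hostname, root, chain, errors);
 }
 
-/// <summary>
-/// Verifies client ciphers and is only available in Mono and Xamarin products.
-/// </summary>
-/// <returns><c>true</c>, if client ciphers was verifyed, <c>false</c> otherwise.</returns>
-/// <param name="hostname"></param>
-/// <param name="session"></param>
-static bool verifyClientCiphers(string hostname, ISSLSession session)
-{
-var callback = ServicePointManager.ClientCipherSuitesCallback;
-if (callback == null) return true;
+// We are not verifying client certificates
 
-var protocol = session.Protocol.StartsWith("SSL", StringComparison.InvariantCulture) ? SecurityProtocolType.Ssl3 : SecurityProtocolType.Tls;
-var acceptedCiphers = callback(protocol, new[] { session.CipherSuite });
+///// <summary>
+///// Verifies client ciphers and is only available in Mono and Xamarin products.
+///// </summary>
+///// <returns><c>true</c>, if client ciphers was verifyed, <c>false</c> otherwise.</returns>
+///// <param name="hostname"></param>
+///// <param name="session"></param>
+//static bool verifyClientCiphers(string hostname, ISSLSession session)
+//{
+// var callback = ServicePointManager.ClientCipherSuitesCallback;
+// if (callback == null) return true;
 
-return acceptedCiphers.Contains(session.CipherSuite);
-}
+// var protocol = session.Protocol.StartsWith("SSL", StringComparison.InvariantCulture) ? SecurityProtocolType.Ssl3 : SecurityProtocolType.Tls;
+// var acceptedCiphers = callback(protocol, new[] { session.CipherSuite });
+
+// return acceptedCiphers.Contains(session.CipherSuite);
+//}
 }
 }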
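Review bot: `Verify` no longer calls `verifyClientCiphers`, so a `ServicePointManager.ClientCipherSuitesCallback` that an application has registered is silently ignored and, as far as this file shows, whatever cipher suite the handshake negotiated is accepted. The added comment `// We are not verifying client certificates` misdescribes what was dropped: the removed method checked the negotiated cipher suite against that callback and never looked at a client certificate. I would delete the commented-out method and the trailing `// & verifyClientCiphers(hostname, session);` instead of keeping them as dead text, and document the behaviour change where it happens, e.g. `// ClientCipherSuitesCallback is no longer consulted here; cipher policy is whatever the socket factory enables.` This matters more in combination with the constructor hunk, which installs `TlsSSLSocketFactory` below API 21.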
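--- a/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs
+++ b/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs
@@ -0,0 +1,79 @@
+using Javax.Net.Ssl;
+
+namespace ModernHttpClient
+{
+
+public class TlsSSLSocketFactory : SSLSocketFactory
+{
+readonly SSLSocketFactory factory = (SSLSocketFactory)Default;
+
+public override string [] GetDefaultCipherSuites ()
+{
+return factory.GetDefaultCipherSuites ();
+}
+
+public override string [] GetSupportedCipherSuites ()
+{
+return factory.GetSupportedCipherSuites ();
+}
+public override Java.Net.Socket CreateSocket (Java.Net.InetAddress address, int port, Java.Net.InetAddress localAddress, int localPort)
+{
+SSLSocket socket = (SSLSocket)factory.CreateSocket (address, port, localAddress, localPort);
+socket.SetEnabledProtocols (socket.GetSupportedProtocols ());
+socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ());
+
+return socket;
+}
+
+public override Java.Net.Socket CreateSocket (Java.Net.InetAddress host, int port)
+{
+SSLSocket socket = (SSLSocket)factory.CreateSocket (host, port);
+socket.SetEnabledProtocols (socket.GetSupportedProtocols ());
+socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ());
+
+return socket;
+}
+
+public override Java.Net.Socket CreateSocket (string host, int port, Java.Net.InetAddress localHost, int localPort)
+{
+SSLSocket socket = (SSLSocket)factory.CreateSocket (host, port, localHost, localPort);
+socket.SetEnabledProtocols (socket.GetSupportedProtocols ());
+socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ());
+
+return socket;
+}
+
+public override Java.Net.Socket CreateSocket (string host, int port)
+{
+SSLSocket socket = (SSLSocket)factory.CreateSocket (host, port);
+socket.SetEnabledProtocols (socket.GetSupportedProtocols ());
+socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ());
+
+return socket;
+}
+
+public override Java.Net.Socket CreateSocket (Java.Net.Socket s, string host, int port, bool autoClose)
+{
+SSLSocket socket = (SSLSocket)factory.CreateSocket (s, host, port, autoClose);
+socket.SetEnabledProtocols (socket.GetSupportedProtocols ());
+socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ());
+
+return socket;
+}
+
+protected override void Dispose (bool disposing)
+{
+factory.Dispose ();
+base.Dispose (disposing);
+}
+
+public override Java.Net.Socket CreateSocket ()
+{
+SSLSocket socket = (SSLSocket)factory.CreateSocket ();
+socket.SetEnabledProtocols (socket.GetSupportedProtocols ());
+socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ());
+
+return socket;
+}
+}
+}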
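Review bot: Every `CreateSocket` overload calls `socket.SetEnabledProtocols (socket.GetSupportedProtocols ())` and `socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ())`, which enables everything the platform can speak rather than only the newer TLS versions. On the pre-Lollipop devices this factory is installed for, the supported lists can include SSLv3 and suites that are off by default because they provide no authentication or no encryption. If the goal is TLS 1.1/1.2 on older Android (my reading; the commit does not say), filter the protocol list to the TLS entries and leave the platform's default cipher suites untouched, as sketched below; the sketch also folds the six duplicated bodies into one helper and would need `using System;` and `using System.Linq;` added to the file. Separately, `Dispose` disposes `factory` even when `disposing` is false, and that field wraps the shared `Default` factory, so it is worth confirming that is intended.

```csharp
// Constructed sketch: enable TLS protocol versions only; cipher suites stay at the platform default.
static Java.Net.Socket EnableTlsOnly (Java.Net.Socket created)
{
    var socket = created as SSLSocket;
    if (socket == null) return created;

    var tlsOnly = socket.GetSupportedProtocols ()
        .Where (p => p.StartsWith ("TLSv1", StringComparison.Ordinal))
        .ToArray ();
    if (tlsOnly.Length > 0) socket.SetEnabledProtocols (tlsOnly);

    return socket;
}

public override Java.Net.Socket CreateSocket (string host, int port)
{
    return EnableTlsOnly (factory.CreateSocket (host, port));
}
// … unchanged: the remaining CreateSocket overloads, each routed through EnableTlsOnly the same way …
```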
7 changes: 4 additions & 3 deletions src/ModernHttpClient/ModernHttpClient.Android.csproj
Expand Up @@ -57,13 +57,14 @@
<Compile Include="Utility.cs" />
<Compile Include="CaptiveNetworkException.cs" />
<Compile Include="Android\NativeCookieHandler.cs" />
<Compile Include="Android\TlsSSLSocketFactory.cs" />
<Reference Include="Square.OkIO">
<HintPath>..\..\packages\Square.OkIO.1.5.0.0\lib\MonoAndroid\Square.OkIO.dll</HintPath>
<HintPath>..\..\packages\Square.OkIO.1.11.0\lib\MonoAndroid\Square.OkIO.dll</HintPath>
</Reference>
<None Include="packages.config" />
<Reference Include="Square.OkHttp">
<HintPath>..\..\packages\Square.OkHttp.2.4.0.3\lib\MonoAndroid\Square.OkHttp.dll</HintPath>
<HintPath>..\..\packages\Square.OkHttp.2.7.5.0\lib\MonoAndroid\Square.OkHttp.dll</HintPath>
</Reference>
</ItemGroup>
<Import Project="$(MSBuildExtensionsPath)\Novell\Novell.MonoDroid.CSharp.targets" />
<Import Project="$(MSBuildExtensionsPath)\Xamarin\Android\Xamarin.Android.CSharp.targets" />
</Project>
2 changes: 1 addition & 1 deletion src/ModernHttpClient/Resources/Resource.designer.cs

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

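--- a/src/ModernHttpClient/packages.config
+++ b/src/ModernHttpClient/packages.config
@@ -1,5 +1,5 @@
-<?xml version="1.0" encoding="utf-8"?>
-<packages>
-<package id="Square.OkHttp" version="2.4.0.3" targetFramework="MonoAndroid23" />
-<package id="Square.OkIO" version="1.5.0.0" targetFramework="MonoAndroid23" />
+<?xml version="1.0" encoding="utf-8"?>
+<packages>
+<package id="Square.OkHttp" version="2.7.5.0" targetFramework="monoandroid23" />
+<package id="Square.OkIO" version="1.11.0" targetFramework="monoandroid23" />
 </packages>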
