aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBrianBlade <n.gelbertz@gmail.com>2015-04-02 13:35:42 +0200
committerBrianBlade <n.gelbertz@gmail.com>2015-04-11 15:13:42 +0200
commit878066ca99c1170479fb217d68ecdb9cf5498975 (patch)
treec866ad43ba2b8529801c5bd2c0b4ecdf507faec3
parent7eabdfd80f50634282307f45c5f99ab46181805d (diff)
Add option to use MTM without default TrustManager
Add a new "Don't trust system CAs" preference under advanced options that will change the behaviour of the MemorizingTrustManager. All formerly unknown certificates will raise a warning if checked.
-rw-r--r--src/main/java/eu/siacs/conversations/services/XmppConnectionService.java19
-rw-r--r--src/main/java/eu/siacs/conversations/ui/SettingsActivity.java3
-rw-r--r--src/main/res/values-de/strings.xml2
-rw-r--r--src/main/res/values/strings.xml2
-rw-r--r--src/main/res/xml/preferences.xml5
5 files changed, 27 insertions, 4 deletions
diff --git a/src/main/java/eu/siacs/conversations/services/XmppConnectionService.java b/src/main/java/eu/siacs/conversations/services/XmppConnectionService.java
index ca182867a..f94e715eb 100644
--- a/src/main/java/eu/siacs/conversations/services/XmppConnectionService.java
+++ b/src/main/java/eu/siacs/conversations/services/XmppConnectionService.java
@@ -532,9 +532,7 @@ public class XmppConnectionService extends Service implements OnPhoneContactsLoa
ExceptionHelper.init(getApplicationContext());
PRNGFixes.apply();
this.mRandom = new SecureRandom();
- this.mMemorizingTrustManager = new MemorizingTrustManager(
- getApplicationContext());
-
+ updateMemorizingTrustmanager();
final int maxMemory = (int) (Runtime.getRuntime().maxMemory() / 1024);
final int cacheSize = maxMemory / 8;
this.mBitmapCache = new LruCache<String, Bitmap>(cacheSize) {
@@ -2185,6 +2183,21 @@ public class XmppConnectionService extends Service implements OnPhoneContactsLoa
return this.mMemorizingTrustManager;
}
+ public void setMemorizingTrustManager(MemorizingTrustManager trustManager) {
+ this.mMemorizingTrustManager = trustManager;
+ }
+
+ public void updateMemorizingTrustmanager() {
+ final MemorizingTrustManager tm;
+ final boolean dontTrustSystemCAs = getPreferences().getBoolean("dont_trust_system_cas", false);
+ if (dontTrustSystemCAs) {
+ tm = new MemorizingTrustManager(getApplicationContext(), null);
+ } else {
+ tm = new MemorizingTrustManager(getApplicationContext());
+ }
+ setMemorizingTrustManager(tm);
+ }
+
public PowerManager getPowerManager() {
return this.pm;
}
diff --git a/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java b/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java
index 39e215f2b..1bc59b138 100644
--- a/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java
+++ b/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java
@@ -79,7 +79,8 @@ public class SettingsActivity extends XmppActivity implements
}
}
}
+ } else if (name.equals("dont_trust_system_cas")) {
+ xmppConnectionService.updateMemorizingTrustmanager();
}
}
-
}
diff --git a/src/main/res/values-de/strings.xml b/src/main/res/values-de/strings.xml
index 0dd9f4011..d5533061b 100644
--- a/src/main/res/values-de/strings.xml
+++ b/src/main/res/values-de/strings.xml
@@ -427,6 +427,8 @@
<string name="no_application_found_to_display_location">Keine App für die Standort-Anzeige gefunden</string>
<string name="location">Standort</string>
<string name="received_location">Standort empfangen</string>
+ <string name="pref_dont_trust_system_cas_title">Misstraue Zertifizierungsstellen</string>
+ <string name="pref_dont_trust_system_cas_summary">Alle Zertifikate müssen manuell bestätigt werden</string>
<plurals name="select_contact">
<item quantity="one">%d Kontakt ausgewählt</item>
<item quantity="other">%d Kontakte ausgewählt</item>
diff --git a/src/main/res/values/strings.xml b/src/main/res/values/strings.xml
index af56c0146..28bb71e95 100644
--- a/src/main/res/values/strings.xml
+++ b/src/main/res/values/strings.xml
@@ -454,6 +454,8 @@
<string name="no_application_found_to_display_location">No application found to display location</string>
<string name="location">Location</string>
<string name="received_location">Received location</string>
+ <string name="pref_dont_trust_system_cas_title">Don\'t trust system CAs</string>
+ <string name="pref_dont_trust_system_cas_summary">All certificates must be manually approved</string>
<plurals name="select_contact">
<item quantity="one">Select %d contact</item>
<item quantity="other">Select %d contacts</item>
diff --git a/src/main/res/xml/preferences.xml b/src/main/res/xml/preferences.xml
index 8bf6eb877..d48124a60 100644
--- a/src/main/res/xml/preferences.xml
+++ b/src/main/res/xml/preferences.xml
@@ -147,6 +147,11 @@
android:key="keep_foreground_service"
android:title="@string/pref_keep_foreground_service"
android:summary="@string/pref_keep_foreground_service_summary" />
+ <CheckBoxPreference
+ android:defaultValue="false"
+ android:key="dont_trust_system_cas"
+ android:title="@string/pref_dont_trust_system_cas_title"
+ android:summary="@string/pref_dont_trust_system_cas_summary" />
</PreferenceCategory>
</PreferenceScreen>