diff options
author | BrianBlade <n.gelbertz@gmail.com> | 2015-04-02 13:35:42 +0200 |
---|---|---|
committer | BrianBlade <n.gelbertz@gmail.com> | 2015-04-11 15:13:42 +0200 |
commit | 878066ca99c1170479fb217d68ecdb9cf5498975 (patch) | |
tree | c866ad43ba2b8529801c5bd2c0b4ecdf507faec3 | |
parent | 7eabdfd80f50634282307f45c5f99ab46181805d (diff) |
Add option to use MTM without default TrustManager
Add a new "Don't trust system CAs" preference under advanced options
that will change the behaviour of the MemorizingTrustManager. All
formerly unknown certificates will raise a warning if checked.
-rw-r--r-- | src/main/java/eu/siacs/conversations/services/XmppConnectionService.java | 19 | ||||
-rw-r--r-- | src/main/java/eu/siacs/conversations/ui/SettingsActivity.java | 3 | ||||
-rw-r--r-- | src/main/res/values-de/strings.xml | 2 | ||||
-rw-r--r-- | src/main/res/values/strings.xml | 2 | ||||
-rw-r--r-- | src/main/res/xml/preferences.xml | 5 |
5 files changed, 27 insertions, 4 deletions
diff --git a/src/main/java/eu/siacs/conversations/services/XmppConnectionService.java b/src/main/java/eu/siacs/conversations/services/XmppConnectionService.java index ca182867a..f94e715eb 100644 --- a/src/main/java/eu/siacs/conversations/services/XmppConnectionService.java +++ b/src/main/java/eu/siacs/conversations/services/XmppConnectionService.java @@ -532,9 +532,7 @@ public class XmppConnectionService extends Service implements OnPhoneContactsLoa ExceptionHelper.init(getApplicationContext()); PRNGFixes.apply(); this.mRandom = new SecureRandom(); - this.mMemorizingTrustManager = new MemorizingTrustManager( - getApplicationContext()); - + updateMemorizingTrustmanager(); final int maxMemory = (int) (Runtime.getRuntime().maxMemory() / 1024); final int cacheSize = maxMemory / 8; this.mBitmapCache = new LruCache<String, Bitmap>(cacheSize) { @@ -2185,6 +2183,21 @@ public class XmppConnectionService extends Service implements OnPhoneContactsLoa return this.mMemorizingTrustManager; } + public void setMemorizingTrustManager(MemorizingTrustManager trustManager) { + this.mMemorizingTrustManager = trustManager; + } + + public void updateMemorizingTrustmanager() { + final MemorizingTrustManager tm; + final boolean dontTrustSystemCAs = getPreferences().getBoolean("dont_trust_system_cas", false); + if (dontTrustSystemCAs) { + tm = new MemorizingTrustManager(getApplicationContext(), null); + } else { + tm = new MemorizingTrustManager(getApplicationContext()); + } + setMemorizingTrustManager(tm); + } + public PowerManager getPowerManager() { return this.pm; } diff --git a/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java b/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java index 39e215f2b..1bc59b138 100644 --- a/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java +++ b/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java @@ -79,7 +79,8 @@ public class SettingsActivity extends XmppActivity implements } } } + } else if (name.equals("dont_trust_system_cas")) { + xmppConnectionService.updateMemorizingTrustmanager(); } } - } diff --git a/src/main/res/values-de/strings.xml b/src/main/res/values-de/strings.xml index 0dd9f4011..d5533061b 100644 --- a/src/main/res/values-de/strings.xml +++ b/src/main/res/values-de/strings.xml @@ -427,6 +427,8 @@ <string name="no_application_found_to_display_location">Keine App für die Standort-Anzeige gefunden</string> <string name="location">Standort</string> <string name="received_location">Standort empfangen</string> + <string name="pref_dont_trust_system_cas_title">Misstraue Zertifizierungsstellen</string> + <string name="pref_dont_trust_system_cas_summary">Alle Zertifikate müssen manuell bestätigt werden</string> <plurals name="select_contact"> <item quantity="one">%d Kontakt ausgewählt</item> <item quantity="other">%d Kontakte ausgewählt</item> diff --git a/src/main/res/values/strings.xml b/src/main/res/values/strings.xml index af56c0146..28bb71e95 100644 --- a/src/main/res/values/strings.xml +++ b/src/main/res/values/strings.xml @@ -454,6 +454,8 @@ <string name="no_application_found_to_display_location">No application found to display location</string> <string name="location">Location</string> <string name="received_location">Received location</string> + <string name="pref_dont_trust_system_cas_title">Don\'t trust system CAs</string> + <string name="pref_dont_trust_system_cas_summary">All certificates must be manually approved</string> <plurals name="select_contact"> <item quantity="one">Select %d contact</item> <item quantity="other">Select %d contacts</item> diff --git a/src/main/res/xml/preferences.xml b/src/main/res/xml/preferences.xml index 8bf6eb877..d48124a60 100644 --- a/src/main/res/xml/preferences.xml +++ b/src/main/res/xml/preferences.xml @@ -147,6 +147,11 @@ android:key="keep_foreground_service" android:title="@string/pref_keep_foreground_service" android:summary="@string/pref_keep_foreground_service_summary" /> + <CheckBoxPreference + android:defaultValue="false" + android:key="dont_trust_system_cas" + android:title="@string/pref_dont_trust_system_cas_title" + android:summary="@string/pref_dont_trust_system_cas_summary" /> </PreferenceCategory> </PreferenceScreen> |