406e1ed9883010928cfb42246cfd2710ebf3da74 |
|
10-Dec-2014 |
Narayan Kamath <narayan@google.com> |
Remove apache specific socket factory API. Note that this change also includes another (non-breaking) update from another of my changes from a month ago. I guess nobody has updated API on master in a very long time.. bug: 18027885 Change-Id: I1fb1bcdaac07131c3bc43b13ad21cacd12a2e7c8
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
affff329088e569158e0ee45ee0e580b3c285722 |
|
03-Nov-2014 |
Kenny Root <kroot@google.com> |
am d00ced98: am b0cb0734: Merge "Track change to Conscrypt" * commit 'd00ced983ee235f72a9261fd967309a2638dde05': Track change to Conscrypt
|
8a970637208207955fb6a719bd82902384b3c743 |
|
31-Oct-2014 |
Kenny Root <kroot@google.com> |
Track change to Conscrypt Change way in which an outside caller can get the preferred SSLContext. Bug: 17136008 Change-Id: Ide578664bcb605304322bfddd2e640a63042fa09
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
823675fdbb7f974b8e2fa9fbb71774b32487582d |
|
23-Oct-2014 |
Narayan Kamath <narayan@google.com> |
Deprecate more apache-http. bug: 18067888 Change-Id: I50511d53dfc9ae236dfb1646c55a5dd7fa15d7b2
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
e19ca078bf1778a344366672de020e63a80252a9 |
|
13-Aug-2014 |
Kenny Root <kroot@google.com> |
Revert "Remove the warning if the caller gets the insecure variant and add hostname verification (SNI)" This reverts commit 007392a8a17df8b608f4ccd9129436cb570090d3. Bug: 16660566
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
be7f22b7a8fefbabda7f6eb051e6009342e95d41 |
|
29-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
am 07873e3a: am 56922039: am b4cae4a9: Merge "Fix SSLCertificateSocketFactory.getDefaultCipherSuites." * commit '07873e3a72da254bcdf965f6fa76bdcc800ef511': Fix SSLCertificateSocketFactory.getDefaultCipherSuites.
|
019118af67c60448030540deca37d972c8839d38 |
|
29-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
Fix SSLCertificateSocketFactory.getDefaultCipherSuites. The method was returning all supported cipher suites instead of the default ones only. The default list of cipher suites actually used by sockets created by this factory is not affected by this issue. Change-Id: I2e4d7c6547fcb29ff7a0943bc8791706cc8d22bc
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
007392a8a17df8b608f4ccd9129436cb570090d3 |
|
11-Oct-2013 |
Costin Manolache <costin@google.com> |
Remove the warning if the caller gets the insecure variant and add hostname verification (SNI) For insecure - not doing verifiaction is normal and documented behavior, no need for extra warnings. When upgrading the socket - we need to set SNI before the handshake, with the other options. Change-Id: I494ca8e783deb1387dc11e21422d2141a6d5a617
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
4a406787c7dc745ccf82b9f160cc95aea6c81fdf |
|
24-Jul-2013 |
Kenny Root <kroot@google.com> |
Use hostname verifier directly instead of instance Instead of local instance of the default HostnameVerifier, use it directly from HttpsURLConnection. This avoids class preloading creating an instance of it before it's necessary. (cherry picked from commit 928ee1e48fa89302d02fdf8a8a2c7315d7195e7c) Bug: 9984058 Change-Id: I9017256b3b5d137aeb5a6f455868af7bdfec7885
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
928ee1e48fa89302d02fdf8a8a2c7315d7195e7c |
|
24-Jul-2013 |
Kenny Root <kroot@google.com> |
Use hostname verifier directly instead of instance Instead of local instance of the default HostnameVerifier, use it directly from HttpsURLConnection. This avoids class preloading creating an instance of it before it's necessary. Bug: 9984058 Change-Id: I780249dbd3c7bb346e1b275dcb68e4e2be7ebbbb
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
100d7290264338c6536739abd59879aaaa812537 |
|
25-Jun-2013 |
Kenny Root <kroot@google.com> |
Add ALPN support to SSL socket factory This adds the ability to use Application-Layer Protocol Negotiation (ALPN) through the SSLCertificateSocketFactory. ALPN is essentially like Next Protocol Negotiation (NPN) but negotiation is done in the clear. This allows the use of other protocols on the same port (e.g., SPDY instead of HTTP on port 80). Change-Id: Ie62926b455e252c4c98670bbbecc1eb5c6f13990
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
12e752225aa96888358294be0d725d499a1c9f03 |
|
24-Apr-2013 |
Kenny Root <kroot@google.com> |
Track change to JSSE provider Change-Id: I35e824e47ad758ab6408e91e2ba5dcda053a82f5
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
ac5eb03a7c317e21573155b88641f4f1daef2eb9 |
|
12-Mar-2013 |
Alex Klyubin <klyubin@google.com> |
Switch TLS Channel ID API from ECPrivateKey to PrivateKey. This is to accept both the "transparent" and "opaque" ECC private keys. "Transparent" keys provide structured access to their key material -- these are instances of ECPrivateKey. "Opaque" private keys are not required to provide structured (or even any) access to their key material -- these are instances of PrivateKey. Change-Id: Ib22e18b45b638b429f994ed965416c753226c4ee
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
4ef6c9b6a16c9b65699705aaa64977fc60dd3331 |
|
18-Jan-2013 |
Alex Klyubin <klyubin@google.com> |
Add TLS Channel ID support to SSLCertificateSocketFactory. This adds a new method setChannelIdPrivateKey as a hidden API. See http://tools.ietf.org/html/draft-balfanz-tls-channelid-00 for more information about the TLS Channel ID extension. Change-Id: I73c1905afdce01d4831de7faa55ea4496575b5a5
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
992f238d13fff7c21b60ef6958784a4ed2156784 |
|
26-Sep-2012 |
Brian Carlstrom <bdc@google.com> |
Reverting public setSoWriteTimeout This reverts fd901f735c858af8ec8884b2e7ab71a46a9639e6 and 5e21bf934b2a71b595deb9856a2044eea4dbce86 Bug: 7237764 Bug: 6693087 Change-Id: I7cc9657e4df219481eb33de803081a01b13ee0f2
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
fd901f735c858af8ec8884b2e7ab71a46a9639e6 |
|
26-Sep-2012 |
Alon Albert <aalbert@google.com> |
Add a static generator that takes a Socket Write Timeout Argumanet Use it from AndroidHttpClient Bug: 6693087 Change-Id: I08648e441a6431d0944caaec0db516a26671f2a5
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
5e21bf934b2a71b595deb9856a2044eea4dbce86 |
|
23-Sep-2012 |
Brian Carlstrom <bdc@google.com> |
Unhide SSLCertificateSocketFactory.setSoWriteTimeout Bug: 6693087 Change-Id: I585c2a61226da58077fd7cd7826695ce17380248
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
7ab7a8b582b29d34ec0fdbd0c727e225f350bb30 |
|
22-Sep-2012 |
Brian Carlstrom <bdc@google.com> |
Add SSLCertificateSocketFactory.setSoWriteTimeout to allow SO_SNDTIMEO to be specified Bug: 6693087 Change-Id: Id7b07f033b5ff9f01da33d535e01aa909aace8a1
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
b4db962da0fecd9a6f2714148bbdea023610842f |
|
17-Sep-2012 |
Narayan Kamath <narayan@google.com> |
Add APIs to enable SNI and session tickets on sockets. Change-Id: I34c546b22d31476a670c0e8f5724185e838903b0
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
2108ead7f125536874d6de6ca1c0c4cffbf61b44 |
|
17-May-2012 |
Jesse Wilson <jessewilson@google.com> |
Change NPN to forbid empty lists of protocols. Bug: http://b/6438423 Change-Id: Ie89220e5bc219396c15dbe1feaa2f74fa1b243eb
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
f5fb5e80963abeabdf0ff10dcee068344235082e |
|
23-Mar-2012 |
Jesse Wilson <jessewilson@google.com> |
Add an API to expose Next Protocol Negotiation (NPN). Bug: http://b/4190756 Change-Id: If904f7ff440391a6adb2963eb2ecb990140ab7cc
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
193bc6d6069e7f18ddeec2436af7a2842320b80d |
|
09-Jun-2011 |
Ben Komalo <benkomalo@google.com> |
Open up setKeyManager/setTrustManager. The improved keystore will allow clients (Email not the least of them) to establish SSL connections using custom client certificates. In order to do this properly, the socket factories they use to establish these connections need to be able to customize their behavior. Change-Id: I6e0fa04dd01bd6481dfdad5a71a63e0371d0ad8c
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
1b52806e21270ccbe90d27f3dd93cbee1a81d09e |
|
03-May-2011 |
Ben Komalo <benkomalo@google.com> |
Makes SSLCertificateSocketFactory more flexible Specifically, this adds support for specifying custom {Trust,Key}Managers in the socket factory. Change-Id: I1fdf6587064c71ae0520f73821923dcad8d140ad
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
ff5569948fda346d95d4615de6578f82d9614be3 |
|
24-Mar-2011 |
Jesse Wilson <jessewilson@google.com> |
Don't link to Harmony implementation details in public APIs. Change-Id: I8a157d64d87443b512a5b958d52a0769ef01ef7b
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
762b33f9494ba48aa1be3701d345b692e8432af9 |
|
09-Nov-2010 |
Jesse Wilson <jessewilson@google.com> |
am 2d2f10fa: am 28c74257: Add @Deprecated to match @deprecated where it\'s missing. * commit '2d2f10fa3412adc07a08c25ba5d2df600fb654bf': Add @Deprecated to match @deprecated where it's missing.
|
28c742573ccaeb55c16bc02fb25fdd86b8d1f76a |
|
04-Nov-2010 |
Jesse Wilson <jessewilson@google.com> |
Add @Deprecated to match @deprecated where it's missing. Change-Id: Ice95022671968386a601f32df7850f9baa1d2dd0
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
ee8dd6baf848130400af8864e5de142c8a5e3718 |
|
08-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
Delete used import Change-Id: Ic950e50565aadafd2575561eb03c8e1e2ff45593
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
405d4db50b3db1fc5e015475218e190d193332d4 |
|
14-Sep-2010 |
Brian Carlstrom <bdc@google.com> |
Rename internal SSLParameters to SSLParametersImpl to avoid collision with new javax.net.ssl.SSLParameters Bug: 2672817 Change-Id: Ibe20830f024f76232f3628cfca922d49a5a06bef
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
2c42c8fbaf02be1f3ea6298077128d0c419526f0 |
|
14-Sep-2010 |
Brian Carlstrom <bdc@google.com> |
Remove SSLContextImpl.engineInit(..) that takes persistent cache arguments Bug: 2672817 Change-Id: If5f10fa16eaf5676a0c1540463759cd4e0e837de
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
3c7c351a6217ac48b741740167c201a679a0ca65 |
|
05-Aug-2010 |
Brian Carlstrom <bdc@google.com> |
Tracking merge of dalvik-dev to gingerbread git cherry-pick --no-commit f77cf7f0 git cherry-pick --no-commit c8f503b5285e30c1a881d0ba860ba9021f57d113 git cherry-pick --no-commit 570bb561 git cherry-pick --no-commit e2417541 git cherry-pick --no-commit e4d81f25bd4dc1a5c909b56ab56a56406290da30 git cherry-pick --no-commit 5e8a587d Change-Id: I101a385d43f3e0f4ce5352217f92ef67a3908c88
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
df27c0c26209fe04de332497beafcafc1fbaad2b |
|
13-Jul-2010 |
Andrew Stadler <stadler@android.com> |
Skip hostname verification when using insecure factory If the factory was obtained by calling getInsecure(), calls to createSocket() should skip hostname verification (along with all of the other skipped safety checks.) This change slightly relaxes the too-strict checking that was introduced in change 7fc93c36ae235115727296780dbc35101622bbd4. Bug: 2834174 Change-Id: Iab7ef861ad0ca727f82ee8cdb78b89b9e835740d
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
7fc93c36ae235115727296780dbc35101622bbd4 |
|
30-Jun-2010 |
Dan Egnor <egnor@google.com> |
Verify hostname where possible, and clarify where not. Bug: 2807409 Change-Id: I6f6a6b22a48149d9f1f45ff8f53103b25706ecc0
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
0dc59b00f28f4d5543cf31627eeec4e913ee0785 |
|
05-Mar-2010 |
Debajit Ghosh <debajit@google.com> |
switching from ro.secure to ro.debuggable for relaxing ssl cert check. Conflicts: core/java/android/net/SSLCertificateSocketFactory.java
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
2269d1572e5fcfb725ea55f5764d8c3280d69f6d |
|
25-Feb-2010 |
Dianne Hackborn <hackbod@google.com> |
Re-arrange android-common so framework no longer links with it. This is the framework part, moving classes around so the framework no longer needs to link to android-common. Makes some APIs public, others that didn't need to be public are private in the framework, some small things are copied.
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
9d4b57545300c6de1722094404ae09bf0f6be937 |
|
14-Feb-2010 |
Dan Egnor <egnor@google.com> |
Add getInsecure() that returns a persistently insecure SSLSocketFactory, which Email needs for unbundling. Bug: 2353593
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
60586f2ec65d16d185767fce4311d3ed0e9112ac |
|
09-Feb-2010 |
Dan Egnor <egnor@google.com> |
API CHANGE: Add SSLSessionCache public API to allow unbundled SSL session caching. Generally clean up the associated SSLCertificateSocketFactory API as well, change AndroidHttpClient to use this new thing, and make the android-common library build SDK-clean (woo hoo). Bug: 2362543 Bug: 2357311
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
8f028a94fc533e75077485a7d11a04e4de820335 |
|
08-Jan-2010 |
Makoto Onuki <omakoto@google.com> |
Moved DomainNameChecker to android common. - Moved DomainNameChecker from android.net.http to android common, and renamed to DomainNameValidator. - Added a simplified version of DNParser, which DomainNameValidator uses instead of X509Name in order to extract Subject Name from a certificate. - Added unit tests for DomainNameChecker and DNParser. There's a suspicious comment in DomainNameChecker saying something like "X509Certificate fails to parse a certificate when a subject alt name begins with '*'". I think we should fix it if it's really the case -- otherwise certificates with the wildcard wouldn't work. I'll see if it's true after submitting this patch.
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
e97c2006bf7c391c933307e520a392e532aa5d6a |
|
21-Aug-2009 |
Bob Lee <crazybob@google.com> |
Updated Browser and MCS to use shared default trust manager instead of initializing their own copies.
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
9066cfe9886ac131c34d59ed0e2d287b0e3c0087 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
d83a98f4ce9cfa908f5c54bbd70f03eec07e7553 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
076357b8567458d4b6dfdcf839ef751634cd2bfb |
|
03-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@132589
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
3dec7d563a2f3e1eb967ce2054a00b6620e3558c |
|
03-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@137055
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
54b6cfa9a9e5b861a9930af873580d6dc20f773c |
|
21-Oct-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Initial Contribution
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|