| 406e1ed9883010928cfb42246cfd2710ebf3da74 |
|
10-Dec-2014 |
Narayan Kamath <narayan@google.com> |
Remove apache specific socket factory API.
Note that this change also includes another (non-breaking) update from
another of my changes from a month ago. I guess nobody has updated API on
master in a very long time..
bug: 18027885
Change-Id: I1fb1bcdaac07131c3bc43b13ad21cacd12a2e7c8
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| affff329088e569158e0ee45ee0e580b3c285722 |
|
03-Nov-2014 |
Kenny Root <kroot@google.com> |
am d00ced98: am b0cb0734: Merge "Track change to Conscrypt"
* commit 'd00ced983ee235f72a9261fd967309a2638dde05':
Track change to Conscrypt
|
| 8a970637208207955fb6a719bd82902384b3c743 |
|
31-Oct-2014 |
Kenny Root <kroot@google.com> |
Track change to Conscrypt
Change way in which an outside caller can get the preferred SSLContext.
Bug: 17136008
Change-Id: Ide578664bcb605304322bfddd2e640a63042fa09
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 823675fdbb7f974b8e2fa9fbb71774b32487582d |
|
23-Oct-2014 |
Narayan Kamath <narayan@google.com> |
Deprecate more apache-http.
bug: 18067888
Change-Id: I50511d53dfc9ae236dfb1646c55a5dd7fa15d7b2
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| e19ca078bf1778a344366672de020e63a80252a9 |
|
13-Aug-2014 |
Kenny Root <kroot@google.com> |
Revert "Remove the warning if the caller gets the insecure variant and add hostname verification (SNI)"
This reverts commit 007392a8a17df8b608f4ccd9129436cb570090d3.
Bug: 16660566
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| be7f22b7a8fefbabda7f6eb051e6009342e95d41 |
|
29-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
am 07873e3a: am 56922039: am b4cae4a9: Merge "Fix SSLCertificateSocketFactory.getDefaultCipherSuites."
* commit '07873e3a72da254bcdf965f6fa76bdcc800ef511':
Fix SSLCertificateSocketFactory.getDefaultCipherSuites.
|
| 019118af67c60448030540deca37d972c8839d38 |
|
29-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
Fix SSLCertificateSocketFactory.getDefaultCipherSuites.
The method was returning all supported cipher suites instead of the
default ones only. The default list of cipher suites actually used by
sockets created by this factory is not affected by this issue.
Change-Id: I2e4d7c6547fcb29ff7a0943bc8791706cc8d22bc
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 007392a8a17df8b608f4ccd9129436cb570090d3 |
|
11-Oct-2013 |
Costin Manolache <costin@google.com> |
Remove the warning if the caller gets the insecure variant and add hostname verification (SNI)
For insecure - not doing verifiaction is normal and documented behavior, no need for extra warnings.
When upgrading the socket - we need to set SNI before the handshake, with the other options.
Change-Id: I494ca8e783deb1387dc11e21422d2141a6d5a617
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 4a406787c7dc745ccf82b9f160cc95aea6c81fdf |
|
24-Jul-2013 |
Kenny Root <kroot@google.com> |
Use hostname verifier directly instead of instance
Instead of local instance of the default HostnameVerifier, use it
directly from HttpsURLConnection. This avoids class preloading creating
an instance of it before it's necessary.
(cherry picked from commit 928ee1e48fa89302d02fdf8a8a2c7315d7195e7c)
Bug: 9984058
Change-Id: I9017256b3b5d137aeb5a6f455868af7bdfec7885
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 928ee1e48fa89302d02fdf8a8a2c7315d7195e7c |
|
24-Jul-2013 |
Kenny Root <kroot@google.com> |
Use hostname verifier directly instead of instance
Instead of local instance of the default HostnameVerifier, use it
directly from HttpsURLConnection. This avoids class preloading creating
an instance of it before it's necessary.
Bug: 9984058
Change-Id: I780249dbd3c7bb346e1b275dcb68e4e2be7ebbbb
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 100d7290264338c6536739abd59879aaaa812537 |
|
25-Jun-2013 |
Kenny Root <kroot@google.com> |
Add ALPN support to SSL socket factory
This adds the ability to use Application-Layer Protocol Negotiation
(ALPN) through the SSLCertificateSocketFactory. ALPN is essentially
like Next Protocol Negotiation (NPN) but negotiation is done in the
clear. This allows the use of other protocols on the same port (e.g.,
SPDY instead of HTTP on port 80).
Change-Id: Ie62926b455e252c4c98670bbbecc1eb5c6f13990
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 12e752225aa96888358294be0d725d499a1c9f03 |
|
24-Apr-2013 |
Kenny Root <kroot@google.com> |
Track change to JSSE provider
Change-Id: I35e824e47ad758ab6408e91e2ba5dcda053a82f5
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| ac5eb03a7c317e21573155b88641f4f1daef2eb9 |
|
12-Mar-2013 |
Alex Klyubin <klyubin@google.com> |
Switch TLS Channel ID API from ECPrivateKey to PrivateKey.
This is to accept both the "transparent" and "opaque" ECC private
keys. "Transparent" keys provide structured access to their key
material -- these are instances of ECPrivateKey. "Opaque" private
keys are not required to provide structured (or even any) access to
their key material -- these are instances of PrivateKey.
Change-Id: Ib22e18b45b638b429f994ed965416c753226c4ee
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 4ef6c9b6a16c9b65699705aaa64977fc60dd3331 |
|
18-Jan-2013 |
Alex Klyubin <klyubin@google.com> |
Add TLS Channel ID support to SSLCertificateSocketFactory.
This adds a new method setChannelIdPrivateKey as a hidden API.
See http://tools.ietf.org/html/draft-balfanz-tls-channelid-00 for
more information about the TLS Channel ID extension.
Change-Id: I73c1905afdce01d4831de7faa55ea4496575b5a5
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 992f238d13fff7c21b60ef6958784a4ed2156784 |
|
26-Sep-2012 |
Brian Carlstrom <bdc@google.com> |
Reverting public setSoWriteTimeout
This reverts fd901f735c858af8ec8884b2e7ab71a46a9639e6 and 5e21bf934b2a71b595deb9856a2044eea4dbce86
Bug: 7237764
Bug: 6693087
Change-Id: I7cc9657e4df219481eb33de803081a01b13ee0f2
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| fd901f735c858af8ec8884b2e7ab71a46a9639e6 |
|
26-Sep-2012 |
Alon Albert <aalbert@google.com> |
Add a static generator that takes a Socket Write Timeout Argumanet
Use it from AndroidHttpClient
Bug: 6693087
Change-Id: I08648e441a6431d0944caaec0db516a26671f2a5
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 5e21bf934b2a71b595deb9856a2044eea4dbce86 |
|
23-Sep-2012 |
Brian Carlstrom <bdc@google.com> |
Unhide SSLCertificateSocketFactory.setSoWriteTimeout
Bug: 6693087
Change-Id: I585c2a61226da58077fd7cd7826695ce17380248
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 7ab7a8b582b29d34ec0fdbd0c727e225f350bb30 |
|
22-Sep-2012 |
Brian Carlstrom <bdc@google.com> |
Add SSLCertificateSocketFactory.setSoWriteTimeout to allow SO_SNDTIMEO to be specified
Bug: 6693087
Change-Id: Id7b07f033b5ff9f01da33d535e01aa909aace8a1
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| b4db962da0fecd9a6f2714148bbdea023610842f |
|
17-Sep-2012 |
Narayan Kamath <narayan@google.com> |
Add APIs to enable SNI and session tickets on sockets.
Change-Id: I34c546b22d31476a670c0e8f5724185e838903b0
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 2108ead7f125536874d6de6ca1c0c4cffbf61b44 |
|
17-May-2012 |
Jesse Wilson <jessewilson@google.com> |
Change NPN to forbid empty lists of protocols.
Bug: http://b/6438423
Change-Id: Ie89220e5bc219396c15dbe1feaa2f74fa1b243eb
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| f5fb5e80963abeabdf0ff10dcee068344235082e |
|
23-Mar-2012 |
Jesse Wilson <jessewilson@google.com> |
Add an API to expose Next Protocol Negotiation (NPN).
Bug: http://b/4190756
Change-Id: If904f7ff440391a6adb2963eb2ecb990140ab7cc
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 193bc6d6069e7f18ddeec2436af7a2842320b80d |
|
09-Jun-2011 |
Ben Komalo <benkomalo@google.com> |
Open up setKeyManager/setTrustManager.
The improved keystore will allow clients (Email not the least of them)
to establish SSL connections using custom client certificates. In order
to do this properly, the socket factories they use to establish these
connections need to be able to customize their behavior.
Change-Id: I6e0fa04dd01bd6481dfdad5a71a63e0371d0ad8c
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 1b52806e21270ccbe90d27f3dd93cbee1a81d09e |
|
03-May-2011 |
Ben Komalo <benkomalo@google.com> |
Makes SSLCertificateSocketFactory more flexible
Specifically, this adds support for specifying custom
{Trust,Key}Managers in the socket factory.
Change-Id: I1fdf6587064c71ae0520f73821923dcad8d140ad
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| ff5569948fda346d95d4615de6578f82d9614be3 |
|
24-Mar-2011 |
Jesse Wilson <jessewilson@google.com> |
Don't link to Harmony implementation details in public APIs.
Change-Id: I8a157d64d87443b512a5b958d52a0769ef01ef7b
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 762b33f9494ba48aa1be3701d345b692e8432af9 |
|
09-Nov-2010 |
Jesse Wilson <jessewilson@google.com> |
am 2d2f10fa: am 28c74257: Add @Deprecated to match @deprecated where it\'s missing.
* commit '2d2f10fa3412adc07a08c25ba5d2df600fb654bf':
Add @Deprecated to match @deprecated where it's missing.
|
| 28c742573ccaeb55c16bc02fb25fdd86b8d1f76a |
|
04-Nov-2010 |
Jesse Wilson <jessewilson@google.com> |
Add @Deprecated to match @deprecated where it's missing.
Change-Id: Ice95022671968386a601f32df7850f9baa1d2dd0
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| ee8dd6baf848130400af8864e5de142c8a5e3718 |
|
08-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
Delete used import
Change-Id: Ic950e50565aadafd2575561eb03c8e1e2ff45593
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 405d4db50b3db1fc5e015475218e190d193332d4 |
|
14-Sep-2010 |
Brian Carlstrom <bdc@google.com> |
Rename internal SSLParameters to SSLParametersImpl to avoid collision with new javax.net.ssl.SSLParameters
Bug: 2672817
Change-Id: Ibe20830f024f76232f3628cfca922d49a5a06bef
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 2c42c8fbaf02be1f3ea6298077128d0c419526f0 |
|
14-Sep-2010 |
Brian Carlstrom <bdc@google.com> |
Remove SSLContextImpl.engineInit(..) that takes persistent cache arguments
Bug: 2672817
Change-Id: If5f10fa16eaf5676a0c1540463759cd4e0e837de
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 3c7c351a6217ac48b741740167c201a679a0ca65 |
|
05-Aug-2010 |
Brian Carlstrom <bdc@google.com> |
Tracking merge of dalvik-dev to gingerbread
git cherry-pick --no-commit f77cf7f0
git cherry-pick --no-commit c8f503b5285e30c1a881d0ba860ba9021f57d113
git cherry-pick --no-commit 570bb561
git cherry-pick --no-commit e2417541
git cherry-pick --no-commit e4d81f25bd4dc1a5c909b56ab56a56406290da30
git cherry-pick --no-commit 5e8a587d
Change-Id: I101a385d43f3e0f4ce5352217f92ef67a3908c88
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| df27c0c26209fe04de332497beafcafc1fbaad2b |
|
13-Jul-2010 |
Andrew Stadler <stadler@android.com> |
Skip hostname verification when using insecure factory
If the factory was obtained by calling getInsecure(), calls to
createSocket() should skip hostname verification (along with all of the
other skipped safety checks.)
This change slightly relaxes the too-strict checking that was introduced
in change 7fc93c36ae235115727296780dbc35101622bbd4.
Bug: 2834174
Change-Id: Iab7ef861ad0ca727f82ee8cdb78b89b9e835740d
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 7fc93c36ae235115727296780dbc35101622bbd4 |
|
30-Jun-2010 |
Dan Egnor <egnor@google.com> |
Verify hostname where possible, and clarify where not.
Bug: 2807409
Change-Id: I6f6a6b22a48149d9f1f45ff8f53103b25706ecc0
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 0dc59b00f28f4d5543cf31627eeec4e913ee0785 |
|
05-Mar-2010 |
Debajit Ghosh <debajit@google.com> |
switching from ro.secure to ro.debuggable for relaxing ssl cert check.
Conflicts:
core/java/android/net/SSLCertificateSocketFactory.java
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 2269d1572e5fcfb725ea55f5764d8c3280d69f6d |
|
25-Feb-2010 |
Dianne Hackborn <hackbod@google.com> |
Re-arrange android-common so framework no longer links with it.
This is the framework part, moving classes around so the framework
no longer needs to link to android-common. Makes some APIs public,
others that didn't need to be public are private in the framework,
some small things are copied.
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 9d4b57545300c6de1722094404ae09bf0f6be937 |
|
14-Feb-2010 |
Dan Egnor <egnor@google.com> |
Add getInsecure() that returns a persistently insecure SSLSocketFactory,
which Email needs for unbundling.
Bug: 2353593
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 60586f2ec65d16d185767fce4311d3ed0e9112ac |
|
09-Feb-2010 |
Dan Egnor <egnor@google.com> |
API CHANGE: Add SSLSessionCache public API to allow unbundled SSL session caching.
Generally clean up the associated SSLCertificateSocketFactory API as well,
change AndroidHttpClient to use this new thing, and make the android-common
library build SDK-clean (woo hoo).
Bug: 2362543
Bug: 2357311
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 8f028a94fc533e75077485a7d11a04e4de820335 |
|
08-Jan-2010 |
Makoto Onuki <omakoto@google.com> |
Moved DomainNameChecker to android common.
- Moved DomainNameChecker from android.net.http to android common, and renamed to DomainNameValidator.
- Added a simplified version of DNParser, which DomainNameValidator uses instead of X509Name in order to extract Subject Name from a certificate.
- Added unit tests for DomainNameChecker and DNParser.
There's a suspicious comment in DomainNameChecker saying something like "X509Certificate fails to parse a certificate when a subject alt name begins with '*'". I think we should fix it if it's really the case -- otherwise certificates with the wildcard wouldn't work. I'll see if it's true after submitting this patch.
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| e97c2006bf7c391c933307e520a392e532aa5d6a |
|
21-Aug-2009 |
Bob Lee <crazybob@google.com> |
Updated Browser and MCS to use shared default trust manager instead of initializing their own copies.
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 9066cfe9886ac131c34d59ed0e2d287b0e3c0087 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| d83a98f4ce9cfa908f5c54bbd70f03eec07e7553 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 076357b8567458d4b6dfdcf839ef751634cd2bfb |
|
03-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@132589
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 3dec7d563a2f3e1eb967ce2054a00b6620e3558c |
|
03-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@137055
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|
| 54b6cfa9a9e5b861a9930af873580d6dc20f773c |
|
21-Oct-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Initial Contribution
/frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java
|