delete cached posh file after not being able to verify

This commit is contained in:
Daniel Gultsch 2019-11-18 19:12:04 +01:00
parent 9fb94d83db
commit 10c5d151d3

View file

@ -179,7 +179,7 @@ public class MemorizingTrustManager {
File dir = app.getDir(KEYSTORE_DIR, Context.MODE_PRIVATE); File dir = app.getDir(KEYSTORE_DIR, Context.MODE_PRIVATE);
keyStoreFile = new File(dir + File.separator + KEYSTORE_FILE); keyStoreFile = new File(dir + File.separator + KEYSTORE_FILE);
poshCacheDir = app.getFilesDir().getAbsolutePath()+"/posh_cache/"; poshCacheDir = app.getCacheDir().getAbsolutePath()+"/posh_cache/";
appKeyStore = loadAppKeyStore(); appKeyStore = loadAppKeyStore();
} }
@ -427,14 +427,18 @@ public class MemorizingTrustManager {
} catch (CertificateException e) { } catch (CertificateException e) {
boolean trustSystemCAs = !PreferenceManager.getDefaultSharedPreferences(master).getBoolean("dont_trust_system_cas", false); boolean trustSystemCAs = !PreferenceManager.getDefaultSharedPreferences(master).getBoolean("dont_trust_system_cas", false);
if (domain != null && isServer && trustSystemCAs && !isIp(domain)) { if (domain != null && isServer && trustSystemCAs && !isIp(domain)) {
String hash = getBase64Hash(chain[0],"SHA-256"); final String hash = getBase64Hash(chain[0],"SHA-256");
List<String> fingerprints = getPoshFingerprints(domain); final List<String> fingerprints = getPoshFingerprints(domain);
if (hash != null && fingerprints.contains(hash)) { if (hash != null && fingerprints.size() > 0) {
if (fingerprints.contains(hash)) {
Log.d("mtm","trusted cert fingerprint of "+domain+" via posh"); Log.d("mtm","trusted cert fingerprint of "+domain+" via posh");
return; return;
} }
if (getPoshCacheFile(domain).delete()) {
Log.d("mtm", "deleted posh file for "+domain+" after not being able to verify");
}
}
} }
e.printStackTrace();
if (interactive) { if (interactive) {
interactCert(chain, authType, e); interactCert(chain, authType, e);
} else { } else {