Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Properly handle whitespace in domain entries" into nyc-dev am: 2e6aa19

Browse Source 
am: 1b55d74

* commit '1b55d74981d13031528e001c35840fab35c71e98':
  Properly handle whitespace in domain entries
This commit is contained in:
Chad Brubaker
2016-03-23 22:52:39 +00:00
committed by android-build-merger
parent d0f1fdc44d 1b55d74981
commit 1cf689b0fd
3 changed files with 25 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
core/java/android/security/net/config/XmlConfigSource.java
View File

@@ -111,7 +111,7 @@ public class XmlConfigSource implements ConfigSource {
if (parser.next() != XmlPullParser.TEXT) {
throw new ParserException(parser, "Missing pin digest");
}
String digest = parser.getText();
String digest = parser.getText().trim();
byte[] decodedDigest = null;
try {
decodedDigest = Base64.decode(digest, 0);
@@ -168,7 +168,7 @@ public class XmlConfigSource implements ConfigSource {
if (parser.next() != XmlPullParser.TEXT) {
throw new ParserException(parser, "Domain name missing");
}
String domain = parser.getText().toLowerCase(Locale.US);
String domain = parser.getText().trim().toLowerCase(Locale.US);
if (parser.next() != XmlPullParser.END_TAG) {
throw new ParserException(parser, "domain contains additional elements");
}

11
tests/NetworkSecurityConfigTest/res/xml/domain_whitespace.xml Normal file
View File

@@ -0,0 +1,11 @@
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config>
<domain>android.com
</domain>
<domain> developer.android.com </domain>
<pin-set>
<pin digest="SHA-256"> 7HIpactkIAq2Y49orFOOQKurWxmmSFZhBCoQYcRhJ3Y= </pin>
</pin-set>
</domain-config>
</network-security-config>

12
tests/NetworkSecurityConfigTest/src/android/security/net/config/XmlConfigTests.java
View File

@@ -464,4 +464,16 @@ public class XmlConfigTests extends AndroidTestCase {
} catch (RuntimeException expected) {
}
}
public void testDomainWhitespaceTrimming() throws Exception {
XmlConfigSource source =
new XmlConfigSource(getContext(), R.xml.domain_whitespace, false);
ApplicationConfig appConfig = new ApplicationConfig(source);
NetworkSecurityConfig defaultConfig = appConfig.getConfigForHostname("");
MoreAsserts.assertNotEqual(defaultConfig, appConfig.getConfigForHostname("developer.android.com"));
MoreAsserts.assertNotEqual(defaultConfig, appConfig.getConfigForHostname("android.com"));
SSLContext context = TestUtils.getSSLContext(source);
TestUtils.assertConnectionSucceeds(context, "android.com", 443);
TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443);
}
}