Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7cc736da authored by Chad Brubaker's avatar Chad Brubaker
Browse files

Properly handle whitespace in domain entries

Domain entries can contain whitespace (or newlines) which should be
ignored to avoid unexpectedly failing to match a domain.

Bug: 27816377
Change-Id: I3691aa4abd409e7be97ad0cf1eb0195725e1b0ab
parent 7c891700
Loading
Loading
Loading
Loading
+2 −2
Original line number Original line Diff line number Diff line
@@ -111,7 +111,7 @@ public class XmlConfigSource implements ConfigSource {
        if (parser.next() != XmlPullParser.TEXT) {
        if (parser.next() != XmlPullParser.TEXT) {
            throw new ParserException(parser, "Missing pin digest");
            throw new ParserException(parser, "Missing pin digest");
        }
        }
        String digest = parser.getText();
        String digest = parser.getText().trim();
        byte[] decodedDigest = null;
        byte[] decodedDigest = null;
        try {
        try {
            decodedDigest = Base64.decode(digest, 0);
            decodedDigest = Base64.decode(digest, 0);
@@ -168,7 +168,7 @@ public class XmlConfigSource implements ConfigSource {
        if (parser.next() != XmlPullParser.TEXT) {
        if (parser.next() != XmlPullParser.TEXT) {
            throw new ParserException(parser, "Domain name missing");
            throw new ParserException(parser, "Domain name missing");
        }
        }
        String domain = parser.getText().toLowerCase(Locale.US);
        String domain = parser.getText().trim().toLowerCase(Locale.US);
        if (parser.next() != XmlPullParser.END_TAG) {
        if (parser.next() != XmlPullParser.END_TAG) {
            throw new ParserException(parser, "domain contains additional elements");
            throw new ParserException(parser, "domain contains additional elements");
        }
        }
+11 −0
Original line number Original line Diff line number Diff line
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
  <domain-config>
    <domain>android.com
    </domain>
    <domain>   developer.android.com    </domain>
    <pin-set>
      <pin digest="SHA-256">  7HIpactkIAq2Y49orFOOQKurWxmmSFZhBCoQYcRhJ3Y=  </pin>
    </pin-set>
  </domain-config>
</network-security-config>
+12 −0
Original line number Original line Diff line number Diff line
@@ -464,4 +464,16 @@ public class XmlConfigTests extends AndroidTestCase {
        } catch (RuntimeException expected) {
        } catch (RuntimeException expected) {
        }
        }
    }
    }

    public void testDomainWhitespaceTrimming() throws Exception {
        XmlConfigSource source =
                new XmlConfigSource(getContext(), R.xml.domain_whitespace, false);
        ApplicationConfig appConfig = new ApplicationConfig(source);
        NetworkSecurityConfig defaultConfig = appConfig.getConfigForHostname("");
        MoreAsserts.assertNotEqual(defaultConfig, appConfig.getConfigForHostname("developer.android.com"));
        MoreAsserts.assertNotEqual(defaultConfig, appConfig.getConfigForHostname("android.com"));
        SSLContext context = TestUtils.getSSLContext(source);
        TestUtils.assertConnectionSucceeds(context, "android.com", 443);
        TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443);
    }
}
}