Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7cc736da authored Mar 23, 2016 by Chad Brubaker

Properly handle whitespace in domain entries

Domain entries can contain whitespace (or newlines) which should be
ignored to avoid unexpectedly failing to match a domain.

Bug: 27816377
Change-Id: I3691aa4abd409e7be97ad0cf1eb0195725e1b0ab

parent 7c891700

core/java/android/security/net/config/XmlConfigSource.java

+2 −2

Original line number	Original line	Diff line number	Diff line
	@@ -111,7 +111,7 @@ public class XmlConfigSource implements ConfigSource {
	if (parser.next() != XmlPullParser.TEXT) {		if (parser.next() != XmlPullParser.TEXT) {
	throw new ParserException(parser, "Missing pin digest");		throw new ParserException(parser, "Missing pin digest");
	}		}
	String digest = parser.getText();		String digest = parser.getText().trim();
	byte[] decodedDigest = null;		byte[] decodedDigest = null;
	try {		try {
	decodedDigest = Base64.decode(digest, 0);		decodedDigest = Base64.decode(digest, 0);
	@@ -168,7 +168,7 @@ public class XmlConfigSource implements ConfigSource {
	if (parser.next() != XmlPullParser.TEXT) {		if (parser.next() != XmlPullParser.TEXT) {
	throw new ParserException(parser, "Domain name missing");		throw new ParserException(parser, "Domain name missing");
	}		}
	String domain = parser.getText().toLowerCase(Locale.US);		String domain = parser.getText().trim().toLowerCase(Locale.US);
	if (parser.next() != XmlPullParser.END_TAG) {		if (parser.next() != XmlPullParser.END_TAG) {
	throw new ParserException(parser, "domain contains additional elements");		throw new ParserException(parser, "domain contains additional elements");
	}		}

tests/NetworkSecurityConfigTest/res/xml/domain_whitespace.xml

0 → 100644

+11 −0

Original line number	Original line	Diff line number	Diff line
			<?xml version="1.0" encoding="utf-8"?>
			<network-security-config>
			<domain-config>
			<domain>android.com
			</domain>
			<domain> developer.android.com </domain>
			<pin-set>
			<pin digest="SHA-256"> 7HIpactkIAq2Y49orFOOQKurWxmmSFZhBCoQYcRhJ3Y= </pin>
			</pin-set>
			</domain-config>
			</network-security-config>

tests/NetworkSecurityConfigTest/src/android/security/net/config/XmlConfigTests.java

+12 −0

Original line number	Original line	Diff line number	Diff line
	@@ -464,4 +464,16 @@ public class XmlConfigTests extends AndroidTestCase {
	} catch (RuntimeException expected) {		} catch (RuntimeException expected) {
	}		}
	}		}

			public void testDomainWhitespaceTrimming() throws Exception {
			XmlConfigSource source =
			new XmlConfigSource(getContext(), R.xml.domain_whitespace, false);
			ApplicationConfig appConfig = new ApplicationConfig(source);
			NetworkSecurityConfig defaultConfig = appConfig.getConfigForHostname("");
			MoreAsserts.assertNotEqual(defaultConfig, appConfig.getConfigForHostname("developer.android.com"));
			MoreAsserts.assertNotEqual(defaultConfig, appConfig.getConfigForHostname("android.com"));
			SSLContext context = TestUtils.getSSLContext(source);
			TestUtils.assertConnectionSucceeds(context, "android.com", 443);
			TestUtils.assertConnectionSucceeds(context, "developer.android.com", 443);
			}
	}		}