Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d9696eb3 authored by Jon Dormody's avatar Jon Dormody Committed by android-build-merger
Browse files

Merge "Docs: Added a link to Updating Your Security Provider to Protect... 

Merge "Docs: Added a link to Updating Your Security Provider to Protect Against SSL Exploits" into oc-dev am: 45973566
am: 13e959bb

Change-Id: Ic15e947e38c10d394081598e2c2886854388996a
parents 97ff9f9d 13e959bb

core/java/android/net/SSLCertificateSocketFactory.java

+6 −1
Original line number Diff line number Diff line
@@ -63,7 +63,12 @@ import javax.net.ssl.X509TrustManager; 
 * This implementation does check the server's certificate hostname, but only

 * for createSocket variants that specify a hostname.  When using methods that

 * use {@link InetAddress} or which return an unconnected socket, you MUST

 * verify the server's identity yourself to ensure a secure connection.</p>

 * verify the server's identity yourself to ensure a secure connection.

 *

 * Refer to

 * <a href="https://developer.android.com/training/articles/security-gms-provider.html">

 * Updating Your Security Provider to Protect Against SSL Exploits</a>

 * for further information.</p>

 *

 * <p>One way to verify the server's identity is to use

 * {@link HttpsURLConnection#getDefaultHostnameVerifier()} to get a