Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit df7f15e7 authored by Jon Dormody's avatar Jon Dormody Committed by android-build-merger
Browse files

Merge "Docs: Added a link to Updating Your Security Provider to Protect... 

Merge "Docs: Added a link to Updating Your Security Provider to Protect Against SSL Exploits" into oc-dev am: 45973566 am: 13e959bb am: d9696eb3
am: 5770dfd1

Change-Id: Ide1714d289c756891cbfd63db1eb549d4aa0dfbc
parents fde6ea8d 5770dfd1

core/java/android/net/SSLCertificateSocketFactory.java

+6 −1
Original line number Diff line number Diff line
@@ -63,7 +63,12 @@ import javax.net.ssl.X509TrustManager; 
 * This implementation does check the server's certificate hostname, but only

 * for createSocket variants that specify a hostname.  When using methods that

 * use {@link InetAddress} or which return an unconnected socket, you MUST

 * verify the server's identity yourself to ensure a secure connection.</p>

 * verify the server's identity yourself to ensure a secure connection.

 *

 * Refer to

 * <a href="https://developer.android.com/training/articles/security-gms-provider.html">

 * Updating Your Security Provider to Protect Against SSL Exploits</a>

 * for further information.</p>

 *

 * <p>One way to verify the server's identity is to use

 * {@link HttpsURLConnection#getDefaultHostnameVerifier()} to get a