Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f219f23a authored by Steve Block's avatar Steve Block
Browse files

Fix SslCertLookupTable to correctly determine whether we have a valid cached decision 

We should only re-use a cached 'allow' decision if the decision ...
- is for the same host
- is for an error which is at least as severe as the current error

Bug: 5409251
Change-Id: Id8516f58c8d23de44e80539ffeaf945be3d2914a
parent 4198627a

core/java/android/webkit/SslCertLookupTable.java

+16 −19
Original line number Diff line number Diff line
@@ -30,6 +30,7 @@ import java.net.URL; 
 */

final class SslCertLookupTable {

    private static SslCertLookupTable sTable;

    // We store the most severe error we're willing to allow for each host.

    private final Bundle table;



    public static SslCertLookupTable getInstance() {
@@ -44,32 +45,28 @@ final class SslCertLookupTable { 
    }



    public void setIsAllowed(SslError sslError) {

        // TODO: We should key on just the host. See http://b/5409251.

        String errorString = sslErrorToString(sslError);

        if (errorString != null) {

            table.putBoolean(errorString, true);

        String host;

        try {

            host = new URL(sslError.getUrl()).getHost();

        } catch(MalformedURLException e) {

            return;

        }

        table.putInt(host, sslError.getPrimaryError());

    }



    // We allow the decision to be re-used if it's for the same host and is for

    // an error of equal or greater severity than this error.

    public boolean isAllowed(SslError sslError) {

        // TODO: We should key on just the host. See http://b/5409251.

        String errorString = sslErrorToString(sslError);

        return errorString == null ? false : table.getBoolean(errorString);

    }



    public void clear() {

        table.clear();

    }



    private static String sslErrorToString(SslError error) {

        String host;

        try {

            host = new URL(error.getUrl()).getHost();

            host = new URL(sslError.getUrl()).getHost();

        } catch(MalformedURLException e) {

            return null;

            return false;

        }

        return table.containsKey(host) && sslError.getPrimaryError() <= table.getInt(host);

    }

        return "primary error: " + error.getPrimaryError() +

                " certificate: " + error.getCertificate() +

                " on host: " + host;



    public void clear() {

        table.clear();

    }

}