Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f72e8263 authored by Jonathan Dormody's avatar Jonathan Dormody
Browse files

Docs: Added a link to Updating Your Security Provider to Protect Against 

SSL Exploits

Test: make ds-docs

Bug: 19110275
Change-Id: I3b0a35715c16c4e30a47aab9cbaf991770426c57
parent 44cd5b97

core/java/android/net/SSLCertificateSocketFactory.java

+6 −1
Original line number Diff line number Diff line
@@ -62,7 +62,12 @@ import javax.net.ssl.X509TrustManager; 
 * This implementation does check the server's certificate hostname, but only

 * for createSocket variants that specify a hostname.  When using methods that

 * use {@link InetAddress} or which return an unconnected socket, you MUST

 * verify the server's identity yourself to ensure a secure connection.</p>

 * verify the server's identity yourself to ensure a secure connection.

 *

 * Refer to

 * <a href="https://developer.android.com/training/articles/security-gms-provider.html">

 * Updating Your Security Provider to Protect Against SSL Exploits</a>

 * for further information.</p>

 *

 * <p>One way to verify the server's identity is to use

 * {@link HttpsURLConnection#getDefaultHostnameVerifier()} to get a