Merge branch '2402-cleartext-for-swap' into 'master'
Allow cleartext (non-https) traffic, so swap/nearby works Closes #2402 See merge request fdroid/fdroidclient!1117
This commit is contained in:
Hans-Christoph Steiner
commit
e30887bfac
|
|
@ -75,8 +75,8 @@ kotlin {
|
|||
}
|
||||
androidAndroidTest {
|
||||
dependencies {
|
||||
implementation 'androidx.test:runner:1.3.0'
|
||||
implementation 'androidx.test.ext:junit:1.1.2'
|
||||
implementation 'androidx.test:runner:1.4.0'
|
||||
implementation 'androidx.test.ext:junit:1.1.3'
|
||||
}
|
||||
}
|
||||
nativeMain {
|
||||
|
|
|
|||
|
|
@ -23,6 +23,15 @@ internal class HttpManagerInstrumentationTest {
|
|||
|
||||
private val userAgent = getRandomString()
|
||||
|
||||
@Test
|
||||
fun testCleartext() = runSuspend {
|
||||
val httpManager = HttpManager(userAgent, null)
|
||||
val mirror = Mirror("http://neverssl.com")
|
||||
val downloadRequest = DownloadRequest("/", listOf(mirror))
|
||||
|
||||
httpManager.getBytes(downloadRequest)
|
||||
}
|
||||
|
||||
@Test(expected = SSLHandshakeException::class)
|
||||
fun testNoTls10() = runSuspend {
|
||||
val httpManager = HttpManager(userAgent, null)
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ import io.ktor.client.engine.HttpClientEngine
|
|||
import io.ktor.client.engine.HttpClientEngineFactory
|
||||
import io.ktor.client.engine.okhttp.OkHttp
|
||||
import io.ktor.client.engine.okhttp.OkHttpConfig
|
||||
import okhttp3.ConnectionSpec.Companion.CLEARTEXT
|
||||
import okhttp3.ConnectionSpec.Companion.MODERN_TLS
|
||||
import okhttp3.ConnectionSpec.Companion.RESTRICTED_TLS
|
||||
import okhttp3.Dns
|
||||
|
|
@ -12,6 +13,12 @@ import java.net.InetAddress
|
|||
|
||||
internal actual fun getHttpClientEngineFactory(): HttpClientEngineFactory<*> {
|
||||
return object : HttpClientEngineFactory<OkHttpConfig> {
|
||||
private val connectionSpecs = listOf(
|
||||
RESTRICTED_TLS, // order matters here, so we put restricted before modern
|
||||
MODERN_TLS,
|
||||
CLEARTEXT, // needed for swap connections, allowed in fdroidclient:app as well
|
||||
)
|
||||
|
||||
override fun create(block: OkHttpConfig.() -> Unit): HttpClientEngine = OkHttp.create {
|
||||
block()
|
||||
config {
|
||||
|
|
@ -23,7 +30,7 @@ internal actual fun getHttpClientEngineFactory(): HttpClientEngineFactory<*> {
|
|||
// use default hostname verifier
|
||||
OkHostnameVerifier.verify(hostname, session)
|
||||
}
|
||||
connectionSpecs(listOf(RESTRICTED_TLS, MODERN_TLS))
|
||||
connectionSpecs(connectionSpecs)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,13 +1,9 @@
|
|||
package org.fdroid.download
|
||||
|
||||
import io.ktor.client.engine.HttpClientEngine
|
||||
import io.ktor.client.engine.HttpClientEngineFactory
|
||||
import io.ktor.client.engine.ProxyBuilder
|
||||
import io.ktor.client.engine.mock.MockEngine
|
||||
import io.ktor.client.engine.mock.respond
|
||||
import io.ktor.client.engine.mock.respondOk
|
||||
import io.ktor.client.engine.okhttp.OkHttp
|
||||
import io.ktor.client.engine.okhttp.OkHttpConfig
|
||||
import io.ktor.client.utils.buildHeaders
|
||||
import io.ktor.http.HttpHeaders.ContentLength
|
||||
import io.ktor.http.HttpHeaders.ETag
|
||||
|
|
@ -17,7 +13,6 @@ import io.ktor.http.HttpMethod.Companion.Head
|
|||
import io.ktor.http.HttpStatusCode.Companion.OK
|
||||
import io.ktor.http.HttpStatusCode.Companion.PartialContent
|
||||
import io.ktor.http.headersOf
|
||||
import okhttp3.ConnectionSpec.Companion.CLEARTEXT
|
||||
import org.fdroid.get
|
||||
import org.fdroid.getRandomString
|
||||
import org.fdroid.runSuspend
|
||||
|
|
@ -163,16 +158,7 @@ internal class HttpDownloaderTest {
|
|||
|
||||
val file = folder.newFile()
|
||||
|
||||
val clientFactory = object : HttpClientEngineFactory<OkHttpConfig> {
|
||||
override fun create(block: OkHttpConfig.() -> Unit): HttpClientEngine = OkHttp.create {
|
||||
block()
|
||||
config {
|
||||
// onion connections are considered cleartext, so we need to allow that
|
||||
connectionSpecs(listOf(CLEARTEXT))
|
||||
}
|
||||
}
|
||||
}
|
||||
val httpManager = HttpManager(userAgent, null, httpClientEngineFactory = clientFactory)
|
||||
val httpManager = HttpManager(userAgent, null)
|
||||
// tor-project.org
|
||||
val torHost = "http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion"
|
||||
val proxy = ProxyBuilder.socks("localhost", TOR_SOCKS_PORT)
|
||||
|
|
|
|||
|
|
@ -693,6 +693,11 @@
|
|||
<sha256 value="86549cae8c5b848f817e2c716e174c7dab61caf0b4df9848680eeb753089a337" origin="Generated by Gradle because artifact wasn't signed"/>
|
||||
</artifact>
|
||||
</component>
|
||||
<component group="androidx.test" name="core" version="1.4.0">
|
||||
<artifact name="core-1.4.0.aar">
|
||||
<sha256 value="671284e62e393f16ceae1a99a3a9a07bf1aacda29f8fe7b6b884355ef34c09cf" origin="Generated by Gradle"/>
|
||||
</artifact>
|
||||
</component>
|
||||
<component group="androidx.test" name="monitor" version="1.2.0">
|
||||
<artifact name="monitor-1.2.0.aar">
|
||||
<sha256 value="fc97ca3f00f8ca30b7d5167fbd8736756048e2cc4f8e92dc891106751a5baeef" origin="Generated by Gradle because artifact wasn't signed"/>
|
||||
|
|
@ -706,6 +711,11 @@
|
|||
<sha256 value="f73a31306a783e63150c60c49e140dc38da39a1b7947690f4b73387b5ebad77e" origin="Generated by Gradle because artifact wasn't signed"/>
|
||||
</artifact>
|
||||
</component>
|
||||
<component group="androidx.test" name="monitor" version="1.4.0">
|
||||
<artifact name="monitor-1.4.0.aar">
|
||||
<sha256 value="46a912a1e175f27a97521af3f50e5af87c22c49275dd2c57c043740012806325" origin="Generated by Gradle"/>
|
||||
</artifact>
|
||||
</component>
|
||||
<component group="androidx.test" name="rules" version="1.2.0">
|
||||
<artifact name="rules-1.2.0.aar">
|
||||
<sha256 value="24bd7111e0db91b4a5f6d5c3e3e89698580dc90d29273d04a775bb7fe7c2a761" origin="Generated by Gradle because artifact wasn't signed"/>
|
||||
|
|
@ -732,6 +742,11 @@
|
|||
<sha256 value="61d13f5a9fcbbd73ba18fa84e1d6a0111c6e1c665a89b418126966e61fffd93b" origin="Generated by Gradle because artifact wasn't signed"/>
|
||||
</artifact>
|
||||
</component>
|
||||
<component group="androidx.test" name="runner" version="1.4.0">
|
||||
<artifact name="runner-1.4.0.aar">
|
||||
<sha256 value="e3f3d8b8d5d4a3edcacbdaa4a31bda2b0e41d3e704b02b3750466a06367ec5a0" origin="Generated by Gradle"/>
|
||||
</artifact>
|
||||
</component>
|
||||
<component group="androidx.test.espresso" name="espresso-core" version="3.2.0">
|
||||
<artifact name="espresso-core-3.2.0.aar">
|
||||
<sha256 value="beb4712c2520c1da30ac1f25506871f16ea5b83ee686ece5a258769df1a01e15" origin="Generated by Gradle because artifact wasn't signed"/>
|
||||
|
|
@ -771,6 +786,16 @@
|
|||
<sha256 value="6c6ab120c640bf16fcaae69cb83c144d0ed6b6298562be0ac35e37ed969c0409" origin="Generated by Gradle because artifact wasn't signed"/>
|
||||
</artifact>
|
||||
</component>
|
||||
<component group="androidx.test.ext" name="junit" version="1.1.3">
|
||||
<artifact name="junit-1.1.3.aar">
|
||||
<sha256 value="a97209d75a9a85815fa8934f5a4a320de1163ffe94e2f0b328c0c98a59660690" origin="Generated by Gradle"/>
|
||||
</artifact>
|
||||
</component>
|
||||
<component group="androidx.test.services" name="storage" version="1.4.0">
|
||||
<artifact name="storage-1.4.0.aar">
|
||||
<sha256 value="35cfbf442abb83e5876cd5deb9de02ae047459f18f831097c5caa76d626bc38a" origin="Generated by Gradle"/>
|
||||
</artifact>
|
||||
</component>
|
||||
<component group="androidx.test.uiautomator" name="uiautomator" version="2.2.0">
|
||||
<artifact name="uiautomator-2.2.0.aar">
|
||||
<sha256 value="2838e9d961dbffefbbd229a2bd4f6f82ac4fb2462975862a9e75e9ed325a3197" origin="Generated by Gradle because artifact wasn't signed"/>
|
||||
|
|
|
|||
Loading…
Reference in New Issue