You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2015/01/11 16:36:03 UTC
svn commit: r1650908 - in
/httpcomponents/httpclient-android/branches/4.3.5-android: RELEASE_NOTES.txt
src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java
Author: olegk
Date: Sun Jan 11 15:36:03 2015
New Revision: 1650908
URL: http://svn.apache.org/r1650908
Log:
HTTPCLIENT-1597: Hostname verifiers incorrectly reject certificates with empty attributes in the certificate subject
Modified:
httpcomponents/httpclient-android/branches/4.3.5-android/RELEASE_NOTES.txt
httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java
Modified: httpcomponents/httpclient-android/branches/4.3.5-android/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient-android/branches/4.3.5-android/RELEASE_NOTES.txt?rev=1650908&r1=1650907&r2=1650908&view=diff
==============================================================================
--- httpcomponents/httpclient-android/branches/4.3.5-android/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpclient-android/branches/4.3.5-android/RELEASE_NOTES.txt Sun Jan 11 15:36:03 2015
@@ -1,6 +1,10 @@
Changes since 4.3.5
-------------------
+* [HTTPCLIENT-1597] Hostname verifiers incorrectly reject certificates with empty attributes
+ in the certificate subject
+ Contributed by Oleg Kalnichevski <olegk at apache.org>
+
* [HTTPCLIENT-1591] Invoke Android specific SNI method via reflection
Contributed by Oleg Kalnichevski <olegk at apache.org>
Modified: httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java?rev=1650908&r1=1650907&r2=1650908&view=diff
==============================================================================
--- httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java (original)
+++ httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java Sun Jan 11 15:36:03 2015
@@ -45,6 +45,7 @@ import java.util.Locale;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
+import javax.security.auth.x500.X500Principal;
import android.util.Log;
@@ -273,7 +274,7 @@ public abstract class AbstractVerifierHC
final NameValuePair nvp = nvps.get(i);
final String attribName = nvp.getName();
final String attribValue = nvp.getValue();
- if (TextUtils.isBlank(attribValue)) {
+ if (TextUtils.isBlank(attribName)) {
throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name");
}
if (attribName.equalsIgnoreCase("cn")) {