You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@hc.apache.org by ol...@apache.org on 2015/01/11 16:36:03 UTC

svn commit: r1650908 - in /httpcomponents/httpclient-android/branches/4.3.5-android: RELEASE_NOTES.txt src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java

Author: olegk
Date: Sun Jan 11 15:36:03 2015
New Revision: 1650908

URL: http://svn.apache.org/r1650908
Log:
HTTPCLIENT-1597: Hostname verifiers incorrectly reject certificates with empty attributes in the certificate subject

Modified:
    httpcomponents/httpclient-android/branches/4.3.5-android/RELEASE_NOTES.txt
    httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java

Modified: httpcomponents/httpclient-android/branches/4.3.5-android/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient-android/branches/4.3.5-android/RELEASE_NOTES.txt?rev=1650908&r1=1650907&r2=1650908&view=diff
==============================================================================
--- httpcomponents/httpclient-android/branches/4.3.5-android/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpclient-android/branches/4.3.5-android/RELEASE_NOTES.txt Sun Jan 11 15:36:03 2015
@@ -1,6 +1,10 @@
 Changes since 4.3.5
 -------------------
 
+* [HTTPCLIENT-1597] Hostname verifiers incorrectly reject certificates with empty attributes
+  in the certificate subject
+  Contributed by Oleg Kalnichevski <olegk at apache.org>
+
 * [HTTPCLIENT-1591] Invoke Android specific SNI method via reflection
   Contributed by Oleg Kalnichevski <olegk at apache.org>
 

Modified: httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java?rev=1650908&r1=1650907&r2=1650908&view=diff
==============================================================================
--- httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java (original)
+++ httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/AbstractVerifierHC4.java Sun Jan 11 15:36:03 2015
@@ -45,6 +45,7 @@ import java.util.Locale;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.SSLSocket;
+import javax.security.auth.x500.X500Principal;
 
 import android.util.Log;
 
@@ -273,7 +274,7 @@ public abstract class AbstractVerifierHC
             final NameValuePair nvp = nvps.get(i);
             final String attribName = nvp.getName();
             final String attribValue = nvp.getValue();
-            if (TextUtils.isBlank(attribValue)) {
+            if (TextUtils.isBlank(attribName)) {
                 throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name");
             }
             if (attribName.equalsIgnoreCase("cn")) {