diff options
| author | Brian Carlstrom <bdc@google.com> | 2011-03-14 11:39:08 -0700 |
|---|---|---|
| committer | Brian Carlstrom <bdc@google.com> | 2011-03-14 11:40:22 -0700 |
| commit | 177cd647c9fa02329fb9800f71282b233170f986 (patch) | |
| tree | bf26f9314a4b256c1ec9c9e50ed18bd6044e71a7 | |
| parent | 4ccaefba5f96ebac5c7bb90c9b44463200afe18e (diff) | |
| download | external_apache-http-177cd647c9fa02329fb9800f71282b233170f986.zip external_apache-http-177cd647c9fa02329fb9800f71282b233170f986.tar.gz external_apache-http-177cd647c9fa02329fb9800f71282b233170f986.tar.bz2 | |
Backport hostname verification correctness fix
From libcore's commit with sha 6767bdbe6bb1d4542c97868d8df1f71d2414fc62
The only behavior change should be a bug fix. There was a check
"cn.lastIndexOf('.') >= 0" that was always true. This has been
fixed to match the comment "require two dots".
Change-Id: I680cad56a1f86150128e587f8c8e19be6ef27bc3
| -rw-r--r-- | src/org/apache/http/conn/ssl/AbstractVerifier.java | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/org/apache/http/conn/ssl/AbstractVerifier.java b/src/org/apache/http/conn/ssl/AbstractVerifier.java index e409db9..723d806 100644 --- a/src/org/apache/http/conn/ssl/AbstractVerifier.java +++ b/src/org/apache/http/conn/ssl/AbstractVerifier.java @@ -163,7 +163,7 @@ public abstract class AbstractVerifier implements X509HostnameVerifier { // action. It also can't be [*.co.uk] or [*.co.jp] or // [*.org.uk], etc... boolean doWildcard = cn.startsWith("*.") && - cn.lastIndexOf('.') >= 0 && + cn.indexOf('.', 2) != -1 && acceptableCountryWildcard(cn) && !InetAddressUtils.isIPv4Address(host); |