summaryrefslogtreecommitdiffstats
path: root/src/org/apache
diff options
context:
space:
mode:
authorBrian Carlstrom <bdc@google.com>2010-05-05 10:13:48 -0700
committerBrian Carlstrom <bdc@google.com>2010-05-05 10:13:48 -0700
commit5648c97be2c515bdafeff3d8a4b07ea0ddc3e357 (patch)
tree66f59c0c8763ef5e56b0d6cc32c241fc46230fc1 /src/org/apache
parent2e9f166eba309e50c1c1f52ff8d2694f058ab2cf (diff)
downloadexternal_apache-http-5648c97be2c515bdafeff3d8a4b07ea0ddc3e357.zip
external_apache-http-5648c97be2c515bdafeff3d8a4b07ea0ddc3e357.tar.gz
external_apache-http-5648c97be2c515bdafeff3d8a4b07ea0ddc3e357.tar.bz2
Remove explicit SSLSocket.startHandshake
When dalvik-dev merges to master, startHandshake will imply that the caller wants a fully synchronous handshake instead of using handshake cutthrough. This removes an unnecessary startHandshake so that handshake cutthrough won't be disabled for Apache http connections. This change brings Abstract verify into sync with the code from javax.net.ssl.DefaultHostnameVerifier from dalvik-dev which also removed this same duplicated code. src/org/apache/http/conn/ssl/AbstractVerifier.java Change-Id: I505e27db97ce49d3c76b3a8af9046238149500d3
Diffstat (limited to 'src/org/apache')
-rw-r--r--src/org/apache/http/conn/ssl/AbstractVerifier.java37
1 files changed, 0 insertions, 37 deletions
diff --git a/src/org/apache/http/conn/ssl/AbstractVerifier.java b/src/org/apache/http/conn/ssl/AbstractVerifier.java
index 5195e58..e409db9 100644
--- a/src/org/apache/http/conn/ssl/AbstractVerifier.java
+++ b/src/org/apache/http/conn/ssl/AbstractVerifier.java
@@ -89,44 +89,7 @@ public abstract class AbstractVerifier implements X509HostnameVerifier {
throw new NullPointerException("host to verify is null");
}
- ssl.startHandshake();
SSLSession session = ssl.getSession();
- if(session == null) {
- // In our experience this only happens under IBM 1.4.x when
- // spurious (unrelated) certificates show up in the server'
- // chain. Hopefully this will unearth the real problem:
- InputStream in = ssl.getInputStream();
- in.available();
- /*
- If you're looking at the 2 lines of code above because
- you're running into a problem, you probably have two
- options:
-
- #1. Clean up the certificate chain that your server
- is presenting (e.g. edit "/etc/apache2/server.crt"
- or wherever it is your server's certificate chain
- is defined).
-
- OR
-
- #2. Upgrade to an IBM 1.5.x or greater JVM, or switch
- to a non-IBM JVM.
- */
-
- // If ssl.getInputStream().available() didn't cause an
- // exception, maybe at least now the session is available?
- session = ssl.getSession();
- if(session == null) {
- // If it's still null, probably a startHandshake() will
- // unearth the real problem.
- ssl.startHandshake();
-
- // Okay, if we still haven't managed to cause an exception,
- // might as well go for the NPE. Or maybe we're okay now?
- session = ssl.getSession();
- }
- }
-
Certificate[] certs = session.getPeerCertificates();
X509Certificate x509 = (X509Certificate) certs[0];
verify(host, x509);