From 3d076afc37034c0cf46580bc288a85f65b617399 Mon Sep 17 00:00:00 2001 From: Robin Lee Date: Fri, 25 Apr 2014 14:57:49 +0100 Subject: Choose CA certificate storage according to userId Sets the default CA certificate directory at first instantiation so that only certificates for the current user are searched. This means that if one user decides to trust a CA no other user of the device will be forced into trusting that CA as well. Change-Id: Iaca14a94dd14c598e49a598290e1a80917269eac --- core/java/android/app/ActivityThread.java | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'core/java/android/app/ActivityThread.java') diff --git a/core/java/android/app/ActivityThread.java b/core/java/android/app/ActivityThread.java index 9a3478e..c931d79 100644 --- a/core/java/android/app/ActivityThread.java +++ b/core/java/android/app/ActivityThread.java @@ -95,6 +95,7 @@ import com.android.internal.os.RuntimeInit; import com.android.internal.os.SamplingProfilerIntegration; import com.android.internal.util.FastPrintWriter; import com.android.org.conscrypt.OpenSSLSocketImpl; +import com.android.org.conscrypt.TrustedCertificateStore; import com.google.android.collect.Lists; import dalvik.system.VMRuntime; @@ -5040,6 +5041,10 @@ public final class ActivityThread { Security.addProvider(new AndroidKeyStoreProvider()); + // Make sure TrustedCertificateStore looks in the right place for CA certificates + final File configDir = Environment.getUserConfigDirectory(UserHandle.myUserId()); + TrustedCertificateStore.setDefaultUserDirectory(configDir); + Process.setArgV0(""); Looper.prepareMainLooper(); -- cgit v1.1