Skip to content
This repository has been archived by the owner on Jan 25, 2018. It is now read-only.

Commit

Permalink
fixed bug comparing issuer cert to Root CA cert O OU and CN names
Browse files Browse the repository at this point in the history
  • Loading branch information
@n8fr8
n8fr8 committed Sep 21, 2011
1 parent a59b8d3 commit 1253eeb
Showing 1 changed file with 14 additions and 10 deletions.
24 changes: 14 additions & 10 deletions src/info/guardianproject/otr/app/im/plugin/xmpp/ServerTrustManager.java
View file
Expand Up @@ -60,7 +60,10 @@
*/
class ServerTrustManager implements X509TrustManager {

private static Pattern cnPattern = Pattern.compile("(?i)(cn=)([^,]*)");
private final static Pattern cnPattern = Pattern.compile("(?i)(cn=)([^,]*)");
private final static Pattern oPattern = Pattern.compile("(?i)(o=)([^,]*)");
private final static Pattern ouPattern = Pattern.compile("(?i)(ou=)([^,]*)");


private ConnectionConfiguration configuration;

Expand Down Expand Up @@ -119,6 +122,7 @@ public void checkClientTrusted(X509Certificate[] arg0, String arg1)
public void checkServerTrusted(X509Certificate[] x509Certificates, String arg1)
throws CertificateException {

//android.os.Debug.waitForDebugger();

int nSize = x509Certificates.length;

Expand Down Expand Up @@ -180,15 +184,15 @@ public void checkServerTrusted(X509Certificate[] x509Certificates, String arg1)
String caSubject = cert.getSubjectDN().getName();
String issuerSubject = certFinal.getIssuerDN().getName();

Matcher matcher = cnPattern.matcher(caSubject);
if (matcher.find()) {
caSubject = matcher.group(2);
}
matcher = cnPattern.matcher(issuerSubject);
if (matcher.find()) {
issuerSubject = matcher.group(2);
}
Matcher matcher = oPattern.matcher(caSubject);
if (matcher.find()) {
caSubject = matcher.group(2);
}

matcher = oPattern.matcher(issuerSubject);
if (matcher.find()) {
issuerSubject = matcher.group(2);
}

if (caSubject.equals(issuerSubject))
{
Expand Down

0 comments on commit 1253eeb

Please sign in to comment.