Remove fingerprint
This commit is contained in:
Philipp Heckel
parent
ecec97f6c5
commit
760e5f42ff
7 changed files with 28 additions and 43 deletions
|
|
@ -2,7 +2,7 @@
|
|||
"formatVersion": 1,
|
||||
"database": {
|
||||
"version": 16,
|
||||
"identityHash": "af6e656e277e4390d3ebbbca1c4bb845",
|
||||
"identityHash": "3466bc18a5e477081c1cbd2defcb449f",
|
||||
"entities": [
|
||||
{
|
||||
"tableName": "Subscription",
|
||||
|
|
@ -362,7 +362,7 @@
|
|||
},
|
||||
{
|
||||
"tableName": "TrustedCertificate",
|
||||
"createSql": "CREATE TABLE IF NOT EXISTS `${TABLE_NAME}` (`baseUrl` TEXT NOT NULL, `fingerprint` TEXT NOT NULL, `pem` TEXT NOT NULL, PRIMARY KEY(`baseUrl`))",
|
||||
"createSql": "CREATE TABLE IF NOT EXISTS `${TABLE_NAME}` (`baseUrl` TEXT NOT NULL, `pem` TEXT NOT NULL, PRIMARY KEY(`baseUrl`))",
|
||||
"fields": [
|
||||
{
|
||||
"fieldPath": "baseUrl",
|
||||
|
|
@ -370,12 +370,6 @@
|
|||
"affinity": "TEXT",
|
||||
"notNull": true
|
||||
},
|
||||
{
|
||||
"fieldPath": "fingerprint",
|
||||
"columnName": "fingerprint",
|
||||
"affinity": "TEXT",
|
||||
"notNull": true
|
||||
},
|
||||
{
|
||||
"fieldPath": "pem",
|
||||
"columnName": "pem",
|
||||
|
|
@ -423,7 +417,7 @@
|
|||
],
|
||||
"setupQueries": [
|
||||
"CREATE TABLE IF NOT EXISTS room_master_table (id INTEGER PRIMARY KEY,identity_hash TEXT)",
|
||||
"INSERT OR REPLACE INTO room_master_table (id,identity_hash) VALUES(42, 'af6e656e277e4390d3ebbbca1c4bb845')"
|
||||
"INSERT OR REPLACE INTO room_master_table (id,identity_hash) VALUES(42, '3466bc18a5e477081c1cbd2defcb449f')"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
|
@ -229,9 +229,8 @@ class Backuper(val context: Context) {
|
|||
}
|
||||
certificates.forEach { c ->
|
||||
try {
|
||||
val cert = CertUtil.parsePemCertificate(c.pem)
|
||||
val fingerprint = CertUtil.calculateFingerprint(cert)
|
||||
repository.addTrustedCertificate(c.baseUrl, fingerprint, c.pem)
|
||||
CertUtil.parsePemCertificate(c.pem) // Validate the certificate
|
||||
repository.addTrustedCertificate(c.baseUrl, c.pem)
|
||||
} catch (e: Exception) {
|
||||
Log.w(TAG, "Unable to restore trusted certificate for ${c.baseUrl}: ${e.message}. Ignoring.", e)
|
||||
}
|
||||
|
|
@ -303,25 +302,21 @@ class Backuper(val context: Context) {
|
|||
|
||||
private suspend fun createNotificationList(): List<Notification> {
|
||||
return repository.getNotifications().map { n ->
|
||||
val actions = if (n.actions != null) {
|
||||
n.actions.map { a ->
|
||||
Action(
|
||||
id = a.id,
|
||||
action = a.action,
|
||||
label = a.label,
|
||||
clear = a.clear,
|
||||
url = a.url,
|
||||
method = a.method,
|
||||
headers = a.headers,
|
||||
body = a.body,
|
||||
intent = a.intent,
|
||||
extras = a.extras,
|
||||
progress = a.progress,
|
||||
error = a.error
|
||||
)
|
||||
}
|
||||
} else {
|
||||
null
|
||||
val actions = n.actions?.map { a ->
|
||||
Action(
|
||||
id = a.id,
|
||||
action = a.action,
|
||||
label = a.label,
|
||||
clear = a.clear,
|
||||
url = a.url,
|
||||
method = a.method,
|
||||
headers = a.headers,
|
||||
body = a.body,
|
||||
intent = a.intent,
|
||||
extras = a.extras,
|
||||
progress = a.progress,
|
||||
error = a.error
|
||||
)
|
||||
}
|
||||
val attachment = if (n.attachment != null) {
|
||||
Attachment(
|
||||
|
|
|
|||
|
|
@ -191,7 +191,6 @@ data class User(
|
|||
@Entity(tableName = "TrustedCertificate")
|
||||
data class TrustedCertificate(
|
||||
@PrimaryKey @ColumnInfo(name = "baseUrl") val baseUrl: String,
|
||||
@ColumnInfo(name = "fingerprint") val fingerprint: String,
|
||||
@ColumnInfo(name = "pem") val pem: String
|
||||
)
|
||||
|
||||
|
|
@ -387,7 +386,7 @@ abstract class Database : RoomDatabase() {
|
|||
|
||||
private val MIGRATION_15_16 = object : Migration(15, 16) {
|
||||
override fun migrate(db: SupportSQLiteDatabase) {
|
||||
db.execSQL("CREATE TABLE TrustedCertificate (baseUrl TEXT NOT NULL, fingerprint TEXT NOT NULL, pem TEXT NOT NULL, PRIMARY KEY(baseUrl))")
|
||||
db.execSQL("CREATE TABLE TrustedCertificate (baseUrl TEXT NOT NULL, pem TEXT NOT NULL, PRIMARY KEY(baseUrl))")
|
||||
db.execSQL("CREATE TABLE ClientCertificate (baseUrl TEXT NOT NULL, p12Base64 TEXT NOT NULL, password TEXT NOT NULL, PRIMARY KEY(baseUrl))")
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -203,8 +203,8 @@ class Repository(private val sharedPrefs: SharedPreferences, database: Database)
|
|||
return trustedCertificateDao.get(baseUrl)
|
||||
}
|
||||
|
||||
suspend fun addTrustedCertificate(baseUrl: String, fingerprint: String, pem: String) {
|
||||
trustedCertificateDao.insert(TrustedCertificate(baseUrl, fingerprint, pem))
|
||||
suspend fun addTrustedCertificate(baseUrl: String, pem: String) {
|
||||
trustedCertificateDao.insert(TrustedCertificate(baseUrl, pem))
|
||||
}
|
||||
|
||||
suspend fun removeTrustedCertificate(baseUrl: String) {
|
||||
|
|
|
|||
|
|
@ -202,13 +202,9 @@ class SubscriberService : Service() {
|
|||
*/
|
||||
private suspend fun reallyRefreshConnections(scope: CoroutineScope) {
|
||||
// Group INSTANT subscriptions by base URL, there is only one connection per base URL
|
||||
val instantSubscriptions = repository.getSubscriptions()
|
||||
.filter { s -> s.instant }
|
||||
val instantSubscriptions = repository.getSubscriptions().filter { s -> s.instant }
|
||||
val activeConnectionIds = connections.keys().toList().toSet()
|
||||
val connectionProtocol = repository.getConnectionProtocol()
|
||||
val trustedCertsHash = repository.getTrustedCertificates()
|
||||
.joinToString(",") { it.fingerprint }
|
||||
.hashCode()
|
||||
val desiredConnectionIds = instantSubscriptions // Set<ConnectionId>
|
||||
.groupBy { s -> s.baseUrl }
|
||||
.map { (baseUrl, subs) ->
|
||||
|
|
@ -221,6 +217,7 @@ class SubscriberService : Service() {
|
|||
.sortedBy { "${it.name}:${it.value}" }
|
||||
.joinToString(",") { "${it.name}:${it.value}" }
|
||||
.hashCode()
|
||||
val trustedCertsHash = repository.getTrustedCertificate(baseUrl)?.hashCode() ?: 0
|
||||
val clientCertHash = repository.getClientCertificate(baseUrl)?.hashCode() ?: 0
|
||||
ConnectionId(
|
||||
baseUrl = baseUrl,
|
||||
|
|
|
|||
|
|
@ -249,7 +249,7 @@ class TrustedCertificateFragment : DialogFragment() {
|
|||
}
|
||||
} catch (e: Exception) {
|
||||
withContext(Dispatchers.Main) {
|
||||
fingerprintText.text = trustedCert.fingerprint
|
||||
showError(getString(R.string.trusted_certificate_dialog_error_parse, e.message ?: "Unknown error"))
|
||||
}
|
||||
}
|
||||
} else {
|
||||
|
|
@ -354,9 +354,8 @@ class TrustedCertificateFragment : DialogFragment() {
|
|||
val certificate = cert ?: return
|
||||
val url = baseUrl ?: return
|
||||
lifecycleScope.launch(Dispatchers.IO) {
|
||||
val fingerprint = CertUtil.calculateFingerprint(certificate)
|
||||
val pem = CertUtil.encodeCertificateToPem(certificate)
|
||||
repository.addTrustedCertificate(url, fingerprint, pem)
|
||||
repository.addTrustedCertificate(url, pem)
|
||||
withContext(Dispatchers.Main) {
|
||||
if (mode != Mode.UNKNOWN) {
|
||||
Toast.makeText(context, R.string.trusted_certificate_dialog_added_toast, Toast.LENGTH_SHORT).show()
|
||||
|
|
|
|||
|
|
@ -519,6 +519,7 @@
|
|||
<string name="trusted_certificate_dialog_expired_warning">Warning: This certificate has expired.</string>
|
||||
<string name="trusted_certificate_dialog_not_yet_valid_warning">Warning: This certificate is not yet valid.</string>
|
||||
<string name="trusted_certificate_dialog_error_invalid_url">Invalid URL</string>
|
||||
<string name="trusted_certificate_dialog_error_parse">Unable to load certificate: %1$s</string>
|
||||
<string name="trusted_certificate_dialog_button_next">Next</string>
|
||||
<string name="trusted_certificate_dialog_button_trust">Trust</string>
|
||||
<string name="trusted_certificate_dialog_button_delete">Delete</string>
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue