From aa22d8f8f371ce962d4827e50bfd793c2ab689c3 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Tue, 25 Sep 2012 13:47:04 +0400
Subject: split SSL hostname verification to a separate option, do not call
 trustAllHosts() on every API request, fix support for older tt-rss versions
 which do not have getApiLevel call

---
 src/org/fox/ttrss/FeedsFragment.java | 58 ++----------------------------------
 1 file changed, 3 insertions(+), 55 deletions(-)

(limited to 'src/org/fox/ttrss/FeedsFragment.java')

diff --git a/src/org/fox/ttrss/FeedsFragment.java b/src/org/fox/ttrss/FeedsFragment.java
index 88538399..056932b3 100644
--- a/src/org/fox/ttrss/FeedsFragment.java
+++ b/src/org/fox/ttrss/FeedsFragment.java
@@ -585,65 +585,13 @@ public class FeedsFragment extends Fragment implements OnItemClickListener, OnSh
 			return null;
 		}
 		
-		private void trustAllHosts() {
-		    X509TrustManager easyTrustManager = new X509TrustManager() {
-
-		        public void checkClientTrusted(
-		        		X509Certificate[] chain,
-		                String authType) throws CertificateException {
-		            // Oh, I am easy!
-		        }
-
-		        public void checkServerTrusted(
-		        		X509Certificate[] chain,
-		                String authType) throws CertificateException {
-		            // Oh, I am easy!
-		        }
-
-		        public X509Certificate[] getAcceptedIssuers() {
-		            return null;
-		        }
-
-		    };
-
-		    // Create a trust manager that does not validate certificate chains
-		    TrustManager[] trustAllCerts = new TrustManager[] {easyTrustManager};
-
-		    // Install the all-trusting trust manager
-		    try {
-		        SSLContext sc = SSLContext.getInstance("TLS");
-
-		        sc.init(null, trustAllCerts, new java.security.SecureRandom());
-
-		        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
-		        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {				
-					@Override
-					public boolean verify(String hostname, SSLSession session) {
-						return true;
-					}
-				});
-
-		    } catch (Exception e) {
-		            e.printStackTrace();
-		    }
-		}
-		
-		@SuppressWarnings("deprecation")
-		private void disableConnectionReuseIfNecessary() {
-		    // HTTP connection reuse which was buggy pre-froyo
-		    if (Integer.parseInt(Build.VERSION.SDK) < Build.VERSION_CODES.FROYO) {
-		        System.setProperty("http.keepAlive", "false");
-		    }
-		}
-		
 		protected void downloadFile(String fetchUrl, String outputFile) {
 			AndroidHttpClient client = AndroidHttpClient.newInstance("Tiny Tiny RSS");
 			
-			disableConnectionReuseIfNecessary();
+			/* ApiRequest.disableConnectionReuseIfNecessary(); */
 			
-			if (m_prefs.getBoolean("ssl_trust_any", false)) {
-				trustAllHosts();				
-			}
+			/* ApiRequest.trustAllHosts(m_prefs.getBoolean("ssl_trust_any", false),
+					m_prefs.getBoolean("ssl_trust_any_host", false)); */				
 
 			try {
 				URL url = new URL(fetchUrl);
-- 
cgit v1.2.3-54-g00ecf