diff options
author | Alex Klyubin <klyubin@google.com> | 2014-11-18 17:45:01 -0800 |
---|---|---|
committer | Kenny Root <kroot@google.com> | 2014-11-19 18:39:46 +0000 |
commit | e82a7960ac9057798c6e2b9717f8e7f191b8022d (patch) | |
tree | 8b7f6fcecd9d2dc80fe5b69105fadd6de163d8f1 | |
parent | 798243ff83baf3effd9c278473460a3e9f90d234 (diff) | |
download | okhttp-kitkat-cts-dev.tar.gz |
Fix a bug in OkHostnameVerifier wildcard handling.android-cts-4.4_r4kitkat-cts-releasekitkat-cts-dev
Wildcard domain name patterns of the form *.remainder are supposed to
match domain names that exactly match the remainder. Due to a bug,
the match was not exact but rather a prefix match: domain names
starting with the remainder would match too.
This CL fixes the issue.
(cherry picked from commit a03ec4ced2b11f9eae6cbeeedb1db2b1b29fafb1)
Bug: 18432707
Change-Id: Ie40b71a26df1ac2a972341e7b3b40dd9cf38e8b1
-rw-r--r-- | src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java | 2 | ||||
-rw-r--r-- | src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java b/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java index a08773f..21e539c 100644 --- a/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java +++ b/src/main/java/com/squareup/okhttp/internal/tls/OkHostnameVerifier.java @@ -162,7 +162,7 @@ public final class OkHostnameVerifier implements HostnameVerifier { return hostName.equals(cn); } - if (cn.startsWith("*.") && hostName.regionMatches(0, cn, 2, cn.length() - 2)) { + if (cn.startsWith("*.") && hostName.equals(cn.substring(2))) { return true; // "*.foo.com" matches "foo.com" } diff --git a/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java b/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java index f1decc8..82b1952 100644 --- a/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java +++ b/src/test/java/com/squareup/okhttp/internal/tls/HostnameVerifierTest.java @@ -293,6 +293,7 @@ public final class HostnameVerifierTest { assertTrue(verifier.verify("www.foo.com", session)); assertTrue(verifier.verify("\u82b1\u5b50.foo.com", session)); assertFalse(verifier.verify("a.b.foo.com", session)); + assertFalse(verifier.verify("foo.com.au", session)); } @Test public void verifyWilcardCnOnTld() throws Exception { |