From e1ac84d605bb6467c587cceddd0b8057c3a13e82 Mon Sep 17 00:00:00 2001
From: Christophe Beyls <software@digitalia.be>
Date: Sat, 7 May 2016 17:44:43 +0200
Subject: [PATCH] Removed HTTPS security hacks where no longer necessary

---
 .../be/digitalia/fosdem/utils/HttpUtils.java  | 37 ++++---------------
 1 file changed, 7 insertions(+), 30 deletions(-)

diff --git a/app/src/main/java/be/digitalia/fosdem/utils/HttpUtils.java b/app/src/main/java/be/digitalia/fosdem/utils/HttpUtils.java
index ff3682d..bf29d38 100644
--- a/app/src/main/java/be/digitalia/fosdem/utils/HttpUtils.java
+++ b/app/src/main/java/be/digitalia/fosdem/utils/HttpUtils.java
@@ -10,16 +10,11 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.net.HttpURLConnection;
 import java.net.URL;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
 import java.util.zip.GZIPInputStream;
 
 import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSession;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
 
 /**
  * Utility class to perform HTTP requests.
@@ -36,31 +31,13 @@ public class HttpUtils {
 			System.setProperty("http.keepAlive", "false");
 		}
 
-		// Bypass hostname verification
-		HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
-			public boolean verify(String hostname, SSLSession session) {
-				return true;
-			}
-		});
-
-		// Trust all HTTPS certificates
-		TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
-			public java.security.cert.X509Certificate[] getAcceptedIssuers() {
-				return new java.security.cert.X509Certificate[]{};
-			}
-
-			public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
-			}
-
-			public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
-			}
-		}};
-		try {
-			SSLContext sc = SSLContext.getInstance("TLS");
-			sc.init(null, trustAllCerts, new java.security.SecureRandom());
-			HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
-		} catch (Exception e) {
-			e.printStackTrace();
+		// Bypass hostname verification on older devices
+		if (Build.VERSION.SDK_INT < Build.VERSION_CODES.GINGERBREAD) {
+			HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
+				public boolean verify(String hostname, SSLSession session) {
+					return true;
+				}
+			});
 		}
 	}