Update dependencies (including cert4android and vcard4android) (bitfireAT/davx5#360)

* Update dependencies (including cert4android and vcard4android) * Migrated to new version of ical4android Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Increased compileSdk Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Upgraded browser Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Only use `appInForeground` for `customCertsUi` Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Removed unnecessary variable and fixed trust manager Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Cleaned up trust manager factory Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Update dependencies (including cert4android and vcard4android) * Migrated to new version of ical4android Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Increased compileSdk Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Upgraded browser Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Only use `appInForeground` for `customCertsUi` Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Removed unnecessary variable and fixed trust manager Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Cleaned up trust manager factory Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Minor changes * Fixed build for SDK 34 Signed-off-by: Arnau Mora <arnyminerz@proton.me> * Migrated certificate trusting Signed-off-by: Arnau Mora <arnyminerz@proton.me> * NetworkConfigProvider: handle invalid trusted certificate --------- Signed-off-by: Arnau Mora <arnyminerz@proton.me> Co-authored-by: Arnau Mora <arnyminerz@proton.me>
2024-07-23 11:39:15 +00:00 · 2023-09-01 10:50:37 +02:00 · 2023-09-01 10:50:37 +02:00 · 4ad54cd28b
parent 1c419cd75c
commit 4ad54cd28b
6 changed files with 40 additions and 40 deletions
--- a/app/build.gradle
+++ b/app/build.gradle
@ -13,7 +13,7 @@ plugins {

 // Android configuration
 android {
-    compileSdk 33
+    compileSdk 34

    defaultConfig {
        applicationId "at.bitfire.davdroid"
@ -132,7 +132,7 @@ dependencies {

    // support libs
    implementation 'androidx.appcompat:appcompat:1.6.1'
-    implementation 'androidx.browser:browser:1.5.0'
+    implementation 'androidx.browser:browser:1.6.0'
    implementation 'androidx.cardview:cardview:1.0.0'
    implementation 'androidx.concurrent:concurrent-futures-ktx:1.1.0'
    implementation 'androidx.constraintlayout:constraintlayout:2.1.4'
@ -146,7 +146,7 @@ dependencies {
    implementation 'androidx.preference:preference-ktx:1.2.1'
    implementation 'androidx.security:security-crypto:1.1.0-alpha06'
    implementation 'androidx.swiperefreshlayout:swiperefreshlayout:1.1.0'
-    implementation 'androidx.work:work-runtime-ktx:2.8.1'
+    implementation "androidx.work:work-runtime-ktx:${versions.workManager}"
    implementation 'com.google.android.flexbox:flexbox:3.0.0'
    implementation 'com.google.android.material:material:1.9.0'

@ -201,7 +201,7 @@ dependencies {
    androidTestImplementation 'androidx.test:runner:1.5.2'
    androidTestImplementation 'androidx.test:rules:1.5.0'
    androidTestImplementation 'androidx.test.ext:junit-ktx:1.1.5'
-    androidTestImplementation 'androidx.work:work-testing:2.8.1'
+    androidTestImplementation "androidx.work:work-testing:${versions.workManager}"
    androidTestImplementation "com.squareup.okhttp3:mockwebserver:${versions.okhttp}"
    androidTestImplementation 'io.mockk:mockk-android:1.13.7'
    androidTestImplementation 'junit:junit:4.13.2'
--- a/app/src/main/java/at/bitfire/davdroid/log/Logger.kt
+++ b/app/src/main/java/at/bitfire/davdroid/log/Logger.kt
@ -45,7 +45,7 @@ object Logger : SharedPreferences.OnSharedPreferenceChangeListener {
        reinitialize()
    }

-    override fun onSharedPreferenceChanged(sharedPreferences: SharedPreferences, key: String) {
+    override fun onSharedPreferenceChanged(sharedPreferences: SharedPreferences, key: String?) {
        if (key == LOG_TO_FILE) {
            log.info("Logging settings changed; re-initializing logger")
            reinitialize()
--- a/app/src/main/java/at/bitfire/davdroid/network/HttpClient.kt
+++ b/app/src/main/java/at/bitfire/davdroid/network/HttpClient.kt
@ -8,6 +8,7 @@ import android.content.Context
 import android.os.Build
 import android.security.KeyChain
 import at.bitfire.cert4android.CustomCertManager
+import at.bitfire.cert4android.CustomHostnameVerifier
 import at.bitfire.dav4jvm.BasicDigestAuthHandler
 import at.bitfire.dav4jvm.UrlUtils
 import at.bitfire.davdroid.BuildConfig
@ -20,6 +21,7 @@ import dagger.hilt.EntryPoint
 import dagger.hilt.InstallIn
 import dagger.hilt.android.EntryPointAccessors
 import dagger.hilt.components.SingletonComponent
+import kotlinx.coroutines.flow.MutableStateFlow
 import net.openid.appauth.AuthState
 import net.openid.appauth.AuthorizationService
 import okhttp3.*
@ -40,7 +42,6 @@ import javax.net.ssl.*

 class HttpClient private constructor(
    val okHttpClient: OkHttpClient,
-    private val certManager: CustomCertManager? = null,
    private var authService: AuthorizationService? = null
 ): AutoCloseable {

@ -87,7 +88,6 @@ class HttpClient private constructor(
    override fun close() {
        authService?.dispose()
        okHttpClient.cache?.close()
-        certManager?.close()
    }


@ -102,7 +102,8 @@ class HttpClient private constructor(
            fun certManager(): CustomCertManager
        }

-        private var appInForeground = false
+        private var appInForeground: MutableStateFlow<Boolean>? =
+                MutableStateFlow(false)
        private var authService: AuthorizationService? = null
        private var certManagerProducer: CertManagerProducer? = null
        private var certificateAlias: String? = null
@ -151,7 +152,7 @@ class HttpClient private constructor(
            customCertManager {
                // by default, use a CustomCertManager that respects the "distrust system certificates" setting
                val trustSystemCerts = !settings.getBoolean(Settings.DISTRUST_SYSTEM_CERTIFICATES)
-                CustomCertManager(context, true /*BuildConfig.customCertsUI*/, trustSystemCerts)
+                CustomCertManager(context, trustSystemCerts, appInForeground)
            }

            // use account settings for authentication and cookies
@ -205,7 +206,7 @@ class HttpClient private constructor(
            certManagerProducer = producer
        }
        fun setForeground(foreground: Boolean): Builder {
-            appInForeground = foreground
+            appInForeground?.value = foreground
            return this
        }

@ -261,33 +262,32 @@ class HttpClient private constructor(
                orig.protocols(listOf(Protocol.HTTP_1_1))
            }

-            val certManager =
-                if (certManagerProducer != null || keyManager != null) {
-                    val manager = certManagerProducer?.certManager()
-                    manager?.appInForeground = appInForeground
+            if (certManagerProducer != null || keyManager != null) {
+                val manager = certManagerProducer?.certManager()

-                    val trustManager = manager ?: {     // fall back to system default trust manager
-                        val factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
+                val trustManager = manager ?: /* fall back to system default trust manager */
+                    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
+                    .let { factory ->
                        factory.init(null as KeyStore?)
                        factory.trustManagers.first() as X509TrustManager
-                    }()
+                    }

-                    val hostnameVerifier = manager?.hostnameVerifier(OkHostnameVerifier)
-                        ?: OkHostnameVerifier
+                val hostnameVerifier =
+                    if (manager != null)
+                        CustomHostnameVerifier(context, OkHostnameVerifier)
+                    else
+                        OkHostnameVerifier

-                    val sslContext = SSLContext.getInstance("TLS")
-                    sslContext.init(
-                        if (keyManager != null) arrayOf(keyManager) else null,
-                        arrayOf(trustManager),
-                        null)
-                    orig.sslSocketFactory(sslContext.socketFactory, trustManager)
-                    orig.hostnameVerifier(hostnameVerifier)
+                val sslContext = SSLContext.getInstance("TLS")
+                sslContext.init(
+                    if (keyManager != null) arrayOf(keyManager) else null,
+                    arrayOf(trustManager),
+                    null)
+                orig.sslSocketFactory(sslContext.socketFactory, trustManager)
+                orig.hostnameVerifier(hostnameVerifier)
+            }

-                    manager
-                } else
-                    null
-
-            return HttpClient(orig.build(), certManager = certManager, authService = authService)
+            return HttpClient(orig.build(), authService = authService)
        }

    }
--- a/app/src/main/java/at/bitfire/davdroid/settings/SharedPreferencesProvider.kt
+++ b/app/src/main/java/at/bitfire/davdroid/settings/SharedPreferencesProvider.kt
@ -52,7 +52,7 @@ class SharedPreferencesProvider(

    override fun canWrite() = true

-    override fun onSharedPreferenceChanged(sharedPreferences: SharedPreferences, key: String) {
+    override fun onSharedPreferenceChanged(sharedPreferences: SharedPreferences, key: String?) {
        settingsManager.onSettingsChanged()
    }

--- a/app/src/main/java/at/bitfire/davdroid/ui/AppSettingsActivity.kt
+++ b/app/src/main/java/at/bitfire/davdroid/ui/AppSettingsActivity.kt
@ -15,9 +15,8 @@ import androidx.activity.result.contract.ActivityResultContracts
 import androidx.annotation.UiThread
 import androidx.appcompat.app.AppCompatActivity
 import androidx.appcompat.app.AppCompatDelegate
-import androidx.core.os.LocaleListCompat
 import androidx.preference.*
-import at.bitfire.cert4android.CustomCertManager
+import at.bitfire.cert4android.CustomCertStore
 import at.bitfire.davdroid.BuildConfig
 import at.bitfire.davdroid.ForegroundService
 import at.bitfire.davdroid.R
@ -33,7 +32,6 @@ import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.launch
 import java.net.URI
 import java.net.URISyntaxException
-import java.util.*
 import javax.inject.Inject
 import kotlin.math.roundToInt

@ -291,8 +289,9 @@ class AppSettingsActivity: AppCompatActivity() {
        }

        private fun resetCertificates() {
-            if (CustomCertManager.resetCertificates(requireActivity()))
-                Snackbar.make(requireView(), getString(R.string.app_settings_reset_certificates_success), Snackbar.LENGTH_LONG).show()
+            CustomCertStore.getInstance(requireActivity()).clearUserDecisions()
+
+            Snackbar.make(requireView(), getString(R.string.app_settings_reset_certificates_success), Snackbar.LENGTH_LONG).show()
        }

    }
--- a/build.gradle
+++ b/build.gradle
@ -6,21 +6,22 @@ buildscript {
    ext.versions = [
        aboutLibraries: '10.8.3',
        appIntro: '7.0.0-beta02',
-        composeBom: '2023.06.01',
+        composeBom: '2023.08.00',
        hilt: '2.47',
        kotlin: '1.9.0',       // keep in sync with * app/build.gradle composeOptions.kotlinCompilerExtensionVersion
                               //                   * com.google.devtools.ksp at the end of this file
        okhttp: '4.11.0',
        room: '2.5.2',
+        workManager: '2.8.1',
        // latest Apache Commons versions that don't require Java 8 (Android 7)
        commonsCollections: '4.2',
        commonsLang: '3.8.1',
        commonsText: '1.3',
        // own libraries
-        cert4android: 'f167e84',
+        cert4android: 'd6fd798',
        dav4jvm: 'da94a8b',
        ical4android: 'b682476',
-        vcard4android: 'bd08206'
+        vcard4android: '1665081'
    ]

    repositories {