diff --git a/mail/common/build.gradle b/mail/common/build.gradle index 43823598d..5db6a9eca 100644 --- a/mail/common/build.gradle +++ b/mail/common/build.gradle @@ -14,6 +14,9 @@ dependencies { implementation "commons-io:commons-io:${versions.commonsIo}" implementation "com.squareup.moshi:moshi:${versions.moshi}" + // We're only using this for its DefaultHostnameVerifier + implementation "org.apache.httpcomponents.client5:httpclient5:5.1.3" + testImplementation project(":mail:testing") testImplementation "junit:junit:${versions.junit}" testImplementation "com.google.truth:truth:${versions.truth}" diff --git a/mail/common/src/main/java/com/fsck/k9/mail/ssl/TrustManagerFactory.java b/mail/common/src/main/java/com/fsck/k9/mail/ssl/TrustManagerFactory.java index 0f6212f37..36f2bd963 100644 --- a/mail/common/src/main/java/com/fsck/k9/mail/ssl/TrustManagerFactory.java +++ b/mail/common/src/main/java/com/fsck/k9/mail/ssl/TrustManagerFactory.java @@ -15,7 +15,7 @@ import com.fsck.k9.mail.CertificateChainException; import javax.net.ssl.SSLException; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; -import org.apache.http.conn.ssl.StrictHostnameVerifier; +import org.apache.hc.client5.http.ssl.DefaultHostnameVerifier; public class TrustManagerFactory { public static TrustManagerFactory createInstance(LocalKeyStore localKeyStore) { @@ -68,6 +68,8 @@ public class TrustManagerFactory { } private class SecureX509TrustManager implements X509TrustManager { + private final DefaultHostnameVerifier hostnameVerifier = new DefaultHostnameVerifier(); + private final String mHost; private final int mPort; @@ -90,7 +92,7 @@ public class TrustManagerFactory { try { defaultTrustManager.checkServerTrusted(chain, authType); - new StrictHostnameVerifier().verify(mHost, certificate); + hostnameVerifier.verify(mHost, certificate); return; } catch (CertificateException e) { // cert. chain can't be validated