generate HTTPS certificate after wifi change

Since the HTTPS certificate includes the current IP address in it, it needs to be regenerated each time that the IP address changes. It also can take a long time to run, especially on the first time, since it had to do things like create a key pair and make the certificate. Therefore it should be in a Service/AsyncTask.
2014-05-23 16:51:21 -04:00 · 2014-05-23 16:51:21 -04:00 · 91fc0f5383
commit 91fc0f5383
parent b70986ef16
2 changed files with 18 additions and 34 deletions
--- a/src/org/fdroid/fdroid/net/WifiStateChangeService.java
+++ b/src/org/fdroid/fdroid/net/WifiStateChangeService.java
@ -2,6 +2,7 @@
 package org.fdroid.fdroid.net;

 import android.app.Service;
+import android.content.Context;
 import android.content.Intent;
 import android.net.wifi.WifiInfo;
 import android.net.wifi.WifiManager;
@ -65,12 +66,24 @@ public class WifiStateChangeService extends Service {
                FDroidApp.repo.name = Preferences.get().getLocalRepoName();
                FDroidApp.repo.address = String.format(Locale.ENGLISH, "%s://%s:%d/fdroid/repo",
                        scheme, FDroidApp.ipAddressString, FDroidApp.port);
-                Certificate localCert = LocalRepoKeyStore.get(getApplication()).getCertificate();
+
+                Context context = WifiStateChangeService.this.getApplicationContext();
+                LocalRepoKeyStore localRepoKeyStore = LocalRepoKeyStore.get(context);
+                Certificate localCert = localRepoKeyStore.getCertificate();
                FDroidApp.repo.fingerprint = Utils.calcFingerprint(localCert);
-                LocalRepoManager lrm = LocalRepoManager.get(WifiStateChangeService.this);
+                LocalRepoManager lrm = LocalRepoManager.get(context);
                lrm.setUriString(FDroidApp.repo.address);
-                lrm.writeIndexPage(
-                        Utils.getSharingUri(WifiStateChangeService.this, FDroidApp.repo).toString());
+                lrm.writeIndexPage(Utils.getSharingUri(context, FDroidApp.repo).toString());
+
+                /*
+                 * Once the IP address is known we need to generate a self
+                 * signed certificate to use for HTTPS that has a CN field set
+                 * to the ipAddressString. This must be run in the background
+                 * because if this is the first time the singleton is run, it
+                 * can take a while to instantiate.
+                 */
+                if (Preferences.get().isLocalRepoHttpsEnabled())
+                    localRepoKeyStore.setupHTTPSCertificate();
            } catch (InterruptedException e) {
                e.printStackTrace();
            }
@ -82,6 +95,7 @@ public class WifiStateChangeService extends Service {
            Intent intent = new Intent(BROADCAST);
            LocalBroadcastManager.getInstance(WifiStateChangeService.this).sendBroadcast(intent);
            WifiStateChangeService.this.stopSelf();
+            FDroidApp.restartLocalRepoService();
        }
    }

--- a/src/org/fdroid/fdroid/views/LocalRepoActivity.java
+++ b/src/org/fdroid/fdroid/views/LocalRepoActivity.java
@ -22,18 +22,10 @@ import android.view.*;
 import android.widget.*;

 import org.fdroid.fdroid.*;
-import org.fdroid.fdroid.localrepo.LocalRepoKeyStore;
 import org.fdroid.fdroid.localrepo.LocalRepoManager;
 import org.fdroid.fdroid.localrepo.LocalRepoService;
 import org.fdroid.fdroid.net.WifiStateChangeService;
-import org.spongycastle.operator.OperatorCreationException;

-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
 import java.util.Locale;
 import java.util.Timer;
 import java.util.TimerTask;
@ -261,28 +253,6 @@ public class LocalRepoActivity extends Activity {
            fingerprintTextView.setVisibility(View.GONE);
        }

-        // Once the IP address is known we need to generate a self signed
-        // certificate to use for HTTPS that has a CN field set to the
-        // ipAddressString. We'll generate it even if useHttps is false
-        // to simplify having to detect when that preference changes.
-        try {
-            LocalRepoKeyStore.get(this).setupHTTPSCertificate();
-        } catch (UnrecoverableKeyException e) {
-            e.printStackTrace();
-        } catch (CertificateException e) {
-            e.printStackTrace();
-        } catch (OperatorCreationException e) {
-            e.printStackTrace();
-        } catch (KeyStoreException e) {
-            e.printStackTrace();
-        } catch (NoSuchAlgorithmException e) {
-            e.printStackTrace();
-        } catch (FileNotFoundException e) {
-            e.printStackTrace();
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
-
        // the required NFC API was added in 4.0 aka Ice Cream Sandwich
        if (Build.VERSION.SDK_INT >= 14) {
            NfcAdapter nfcAdapter = NfcAdapter.getDefaultAdapter(this);