From 91fc0f53837a7233f1651a7533a423e6c1195e60 Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner <hans@eds.org>
Date: Fri, 23 May 2014 16:51:21 -0400
Subject: [PATCH] generate HTTPS certificate after wifi change

Since the HTTPS certificate includes the current IP address in it, it needs
to be regenerated each time that the IP address changes.  It also can take
a long time to run, especially on the first time, since it had to do things
like create a key pair and make the certificate.  Therefore it should be in
a Service/AsyncTask.
---
 .../fdroid/net/WifiStateChangeService.java    | 22 +++++++++++---
 .../fdroid/views/LocalRepoActivity.java       | 30 -------------------
 2 files changed, 18 insertions(+), 34 deletions(-)

diff --git a/src/org/fdroid/fdroid/net/WifiStateChangeService.java b/src/org/fdroid/fdroid/net/WifiStateChangeService.java
index e1cdd09a6..c24271ff9 100644
--- a/src/org/fdroid/fdroid/net/WifiStateChangeService.java
+++ b/src/org/fdroid/fdroid/net/WifiStateChangeService.java
@@ -2,6 +2,7 @@
 package org.fdroid.fdroid.net;
 
 import android.app.Service;
+import android.content.Context;
 import android.content.Intent;
 import android.net.wifi.WifiInfo;
 import android.net.wifi.WifiManager;
@@ -65,12 +66,24 @@ public class WifiStateChangeService extends Service {
                 FDroidApp.repo.name = Preferences.get().getLocalRepoName();
                 FDroidApp.repo.address = String.format(Locale.ENGLISH, "%s://%s:%d/fdroid/repo",
                         scheme, FDroidApp.ipAddressString, FDroidApp.port);
-                Certificate localCert = LocalRepoKeyStore.get(getApplication()).getCertificate();
+
+                Context context = WifiStateChangeService.this.getApplicationContext();
+                LocalRepoKeyStore localRepoKeyStore = LocalRepoKeyStore.get(context);
+                Certificate localCert = localRepoKeyStore.getCertificate();
                 FDroidApp.repo.fingerprint = Utils.calcFingerprint(localCert);
-                LocalRepoManager lrm = LocalRepoManager.get(WifiStateChangeService.this);
+                LocalRepoManager lrm = LocalRepoManager.get(context);
                 lrm.setUriString(FDroidApp.repo.address);
-                lrm.writeIndexPage(
-                        Utils.getSharingUri(WifiStateChangeService.this, FDroidApp.repo).toString());
+                lrm.writeIndexPage(Utils.getSharingUri(context, FDroidApp.repo).toString());
+
+                /*
+                 * Once the IP address is known we need to generate a self
+                 * signed certificate to use for HTTPS that has a CN field set
+                 * to the ipAddressString. This must be run in the background
+                 * because if this is the first time the singleton is run, it
+                 * can take a while to instantiate.
+                 */
+                if (Preferences.get().isLocalRepoHttpsEnabled())
+                    localRepoKeyStore.setupHTTPSCertificate();
             } catch (InterruptedException e) {
                 e.printStackTrace();
             }
@@ -82,6 +95,7 @@ public class WifiStateChangeService extends Service {
             Intent intent = new Intent(BROADCAST);
             LocalBroadcastManager.getInstance(WifiStateChangeService.this).sendBroadcast(intent);
             WifiStateChangeService.this.stopSelf();
+            FDroidApp.restartLocalRepoService();
         }
     }
 
diff --git a/src/org/fdroid/fdroid/views/LocalRepoActivity.java b/src/org/fdroid/fdroid/views/LocalRepoActivity.java
index 88cf18ea4..554916b75 100644
--- a/src/org/fdroid/fdroid/views/LocalRepoActivity.java
+++ b/src/org/fdroid/fdroid/views/LocalRepoActivity.java
@@ -22,18 +22,10 @@ import android.view.*;
 import android.widget.*;
 
 import org.fdroid.fdroid.*;
-import org.fdroid.fdroid.localrepo.LocalRepoKeyStore;
 import org.fdroid.fdroid.localrepo.LocalRepoManager;
 import org.fdroid.fdroid.localrepo.LocalRepoService;
 import org.fdroid.fdroid.net.WifiStateChangeService;
-import org.spongycastle.operator.OperatorCreationException;
 
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
 import java.util.Locale;
 import java.util.Timer;
 import java.util.TimerTask;
@@ -261,28 +253,6 @@ public class LocalRepoActivity extends Activity {
             fingerprintTextView.setVisibility(View.GONE);
         }
 
-        // Once the IP address is known we need to generate a self signed
-        // certificate to use for HTTPS that has a CN field set to the
-        // ipAddressString. We'll generate it even if useHttps is false
-        // to simplify having to detect when that preference changes.
-        try {
-            LocalRepoKeyStore.get(this).setupHTTPSCertificate();
-        } catch (UnrecoverableKeyException e) {
-            e.printStackTrace();
-        } catch (CertificateException e) {
-            e.printStackTrace();
-        } catch (OperatorCreationException e) {
-            e.printStackTrace();
-        } catch (KeyStoreException e) {
-            e.printStackTrace();
-        } catch (NoSuchAlgorithmException e) {
-            e.printStackTrace();
-        } catch (FileNotFoundException e) {
-            e.printStackTrace();
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
-
         // the required NFC API was added in 4.0 aka Ice Cream Sandwich
         if (Build.VERSION.SDK_INT >= 14) {
             NfcAdapter nfcAdapter = NfcAdapter.getDefaultAdapter(this);