Version 4.4.1 release and documentation

README.md

@@ -2,7 +2,7 @@
 
 Build script and dependencies to create repackaged upstream version of HttpClient and depdendencies (HttpMime, HttpCore, HttpClient-Cache) and get it working on Android API version from 3 to 23
 
-Current version: **4.3.6** (originating from upstream HttpClient 4.3.6 version)
+Current version: **4.4.1** (originating from upstream HttpClient 4.4.1 version)
 
 ## Usage
 
@@ -27,7 +27,7 @@ Build params (ENV variables) you can use:
 
 ## Maven Central
 
-This repository version will publish the library under namespace `cz.msebera.android:httpclient:4.3.6`
+This repository version will publish the library under namespace `cz.msebera.android:httpclient:4.4.1`
 
 ## Maven Local
 
@@ -39,7 +39,7 @@ Gradle dependency string, once you have it installed
 
 ```gradle
 dependencies {
- compile "cz.msebera.android:httpclient:4.3.6"
+ compile "cz.msebera.android:httpclient:4.4.1"
 }
 ```
 

build.sh

@@ -8,10 +8,10 @@ ANDROIDPROJECTPATH=${ROOTDIR}/${PROJECTNAME}
 EXTRAPACKAGENAME=extras
 KERBEROS_LIB_NAME="kerberos"
 
-CORE_VER=4.3.3
-CLIENT_VER=4.3.6
-CACHE_VER=4.3.6
-MIME_VER=4.3.6
+CORE_VER=4.4.1
+CLIENT_VER=4.4.1
+CACHE_VER=4.4.1
+MIME_VER=4.4.1
 
 : ${GRADLEW_VERSION:=2.6}
 : ${GRADLE_COMMAND:="gradle"}
@@ -166,6 +166,7 @@ if [ ${INCLUDE_JGSS_API} -ne 1 ]; then
  rm impl/auth/NegotiateSchemeFactory.java
  rm impl/auth/GGSSchemeBase.java
  rm impl/auth/KerberosScheme.java
+ rm auth/KerberosCredentials.java
  rm impl/auth/KerberosSchemeFactory.java
  rm impl/auth/SPNegoScheme.java
  rm impl/auth/SPNegoSchemeFactory.java
@@ -193,6 +194,7 @@ else
  cd ${PACKAGEDIR}
  find . -name "GssUtil.java" -exec ${SED_CMD} "s/new Boolean(second)\.toString();/Boolean.toString(second);/" {} +
  find . -name "GssUtil.java" -exec ${SED_CMD} "s/new Integer(second)\.toString();/Integer.toString(second);/" {} +
+ find . -name "GGSSchemeBase.java" -exec ${SED_CMD} "/final Base64 base64codec = new Base64(0);/c \/\* Base64 instance removed by HttpClient for Android script. \*\/" {} +
  find . -name "GGSSchemeBase.java" -exec ${SED_CMD} "/private final Base64 base64codec;/c \/\* Base64 instance removed by HttpClient for Android script. \*\/" {} +
  find . -name "GGSSchemeBase.java" -exec ${SED_CMD} "/this\.base64codec = new Base64(0);/c \/\* Base64 instance removed by HttpClient for Android script. \*\/" {} +
  find . -name "GGSSchemeBase.java" -exec ${SED_CMD} -n '1h;1!H;${;g;s/base64codec.encode(\([^;]*\)));/Base64.encode(\1, Base64.NO_WRAP));/g;p;}' {} +
@@ -208,6 +210,7 @@ find . -name "BasicScheme.java" -exec ${SED_CMD} "/this\.base64codec = new Base6
 find . -name "BasicScheme.java" -exec ${SED_CMD} -n '1h;1!H;${;g;s/Base64.encodeBase64(\([^;]*\));/Base64.encode(\1, Base64.NO_WRAP);/g;p;}' {} +
 find . -name "BasicScheme.java" -exec ${SED_CMD} -n '1h;1!H;${;g;s/base64codec.encode(\([^;]*\));/Base64.encode(\1, Base64.NO_WRAP);/g;p;}' {} +
 find . -name "BasicScheme.java" -exec ${SED_CMD} -n '1h;1!H;${;g;s/EncodingUtils\.getBytes(tmp\.toString(), charset), false/EncodingUtils.getBytes(tmp.toString(), charset)/g;p;}' {} +
+find . -name "BasicScheme.java" -exec ${SED_CMD} "/final Base64 base64codec = new Base64(0);/c \/\* Base64 instance removed by HttpClient for Android script. \*\/" {} +
 find . -name "NTLMEngineImpl.java" -exec ${SED_CMD} -n '1h;1!H;${;g;s/Base64.encodeBase64(resp)/Base64.encode(resp, Base64.NO_WRAP)/g;p;}' {} +
 find . -name "*.java" -exec ${SED_CMD} -n '1h;1!H;${;g;s/Base64.decodeBase64(\([^;]*\));/Base64.decode(\1, Base64.NO_WRAP);/g;p;}' {} +
 
@@ -242,7 +245,9 @@ cp ../AndroidManifest.xml src/main/
 ${SED_CMD} "s/sedpackage/cz\.msebera\.httpclient\.android/g" src/main/AndroidManifest.xml
 
 cd ${ANDROIDPROJECTPATH}
-patch ${PACKAGEDIR}/conn/ssl/AbstractVerifier.java ../patches/AbstractVerifier.java.patch.4.3.5
+patch ${PACKAGEDIR}/conn/ssl/DefaultHostnameVerifier.java ../patches/DefaultHostnameVerifier.java.patch.4.4.1
+patch ${PACKAGEDIR}/conn/ssl/AbstractVerifier.java ../patches/AbstractVerifier.java.patch.4.4.1
+cp ../patches/DistinguishedNameParser.java ${PACKAGEDIR}/conn/ssl/
 
 echo ">> Gradle build proceed"
 if [ ${INCLUDE_JGSS_API} -eq 1 ]; then

gradle.properties

@@ -1,5 +1,5 @@
-VERSION_NAME=4.3.6
-VERSION_CODE=436
+VERSION_NAME=4.4.1
+VERSION_CODE=441
 GROUP=cz.msebera.android
 
 POM_ARTIFACT_ID=httpclient

patches/AbstractVerifier.java.patch.4.4.1

@@ -0,0 +1,29 @@
+diff --git a/AbstractVerifier.java b/AbstractVerifier2.java
+index d7f7e8a..a1e772b 100644
+--- a/AbstractVerifier.java
++++ b/AbstractVerifier2.java
+@@ -136,7 +136,7 @@ public abstract class AbstractVerifier implements X509HostnameVerifier {
+ final int subjectType = ipv4 || ipv6 ? DefaultHostnameVerifier.IP_ADDRESS_TYPE : DefaultHostnameVerifier.DNS_NAME_TYPE;
+ final List<String> subjectAlts = DefaultHostnameVerifier.extractSubjectAlts(cert, subjectType);
+ final X500Principal subjectPrincipal = cert.getSubjectX500Principal();
+- final String cn = DefaultHostnameVerifier.extractCN(subjectPrincipal.getName(X500Principal.RFC2253));
++ final String cn = new DistinguishedNameParser(subjectPrincipal).findMostSpecific("cn");
+ verify(host,
+ cn != null ? new String[] {cn} : null,
+ subjectAlts != null && !subjectAlts.isEmpty() ? subjectAlts.toArray(new String[subjectAlts.size()]) : null);
+@@ -218,13 +218,8 @@ public abstract class AbstractVerifier implements X509HostnameVerifier {
+ }
+
+ public static String[] getCNs(final X509Certificate cert) {
+- final String subjectPrincipal = cert.getSubjectX500Principal().toString();
+- try {
+- final String cn = DefaultHostnameVerifier.extractCN(subjectPrincipal);
+- return cn != null ? new String[] { cn } : null;
+- } catch (SSLException ex) {
+- return null;
+- }
++ final String cn = new DistinguishedNameParser(cert.getSubjectX500Principal()).findMostSpecific("cn");
++ return cn != null ? new String[] { cn } : null;
+ }
+
+ /**

patches/DefaultHostnameVerifier.java.patch.4.4.1

@@ -0,0 +1,48 @@
+diff --git a/DefaultHostnameVerifier.java b/DefaultHostnameVerifier2.java
+index 7fe7cb4..b4d0382 100644
+--- a/DefaultHostnameVerifier.java
++++ b/DefaultHostnameVerifier2.java
+@@ -111,7 +111,7 @@ public final class DefaultHostnameVerifier implements HostnameVerifier {
+ // CN matching has been deprecated by rfc2818 and can be used
+ // as fallback only when no subjectAlts are available
+ final X500Principal subjectPrincipal = cert.getSubjectX500Principal();
+- final String cn = extractCN(subjectPrincipal.getName(X500Principal.RFC2253));
++ final String cn = new DistinguishedNameParser(subjectPrincipal).findMostSpecific("cn");
+ if (cn == null) {
+ throw new SSLException("Certificate subject for <" + host + "> doesn't contain " +
+ "a common name and does not have alternative names");
+@@ -229,34 +229,6 @@ public final class DefaultHostnameVerifier implements HostnameVerifier {
+ return matchIdentity(host, identity, null, true);
+ }
+
+- static String extractCN(final String subjectPrincipal) throws SSLException {
+- if (subjectPrincipal == null) {
+- return null;
+- }
+- try {
+- final LdapName subjectDN = new LdapName(subjectPrincipal);
+- final List<Rdn> rdns = subjectDN.getRdns();
+- for (int i = rdns.size() - 1; i >= 0; i--) {
+- final Rdn rds = rdns.get(i);
+- final Attributes attributes = rds.toAttributes();
+- final Attribute cn = attributes.get("cn");
+- if (cn != null) {
+- try {
+- final Object value = cn.get();
+- if (value != null) {
+- return value.toString();
+- }
+- } catch (NoSuchElementException ignore) {
+- } catch (NamingException ignore) {
+- }
+- }
+- }
+- return null;
+- } catch (InvalidNameException e) {
+- throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name");
+- }
+- }
+-
+ static List<String> extractSubjectAlts(final X509Certificate cert, final int subjectType) {
+ Collection<List<?>> c = null;
+ try {