Reject non-ASCII hostnames and SANs.

Removes the possibility of certificates spoofing DNS names by
exploiting name collisions when lowercasing Unicode characters.
Note that the relevant RFCs mandate that domain names in
certificates should be stored using IDNA 2008 rules, i.e. as
ASCII punycode.

Bug: 171980069
Test: atest CtsLibcoreTestCases CtsLibcoreOkHttpTestCases
Change-Id: I96d52609ce4966ff11f649ca940de3b02a43b0b2
(cherry picked from commit 72ac99d371b9794bd4947ae2794e3ef322e36673)
3 files changed
tree: 2ad7b0e2387008893154a5e24071debcf5864131
  1. .buildscript/
  2. android/
  3. benchmarks/
  4. mockwebserver/
  5. okcurl/
  6. okhttp/
  7. okhttp-android-support/
  8. okhttp-apache/
  9. okhttp-hpacktests/
  10. okhttp-logging-interceptor/
  11. okhttp-testing-support/
  12. okhttp-tests/
  13. okhttp-urlconnection/
  14. okhttp-ws/
  15. okhttp-ws-tests/
  16. okio/
  17. repackaged/
  18. samples/
  19. srcgen/
  20. website/
  21. .gitignore
  22. .travis.yml
  23. Android.bp
  24. BUG-BOUNTY.md
  25. CHANGELOG.md
  26. checkstyle.xml
  27. CONTRIBUTING.md
  28. deploy_website.sh
  29. LICENSE.txt
  30. MODULE_LICENSE_APACHE2
  31. OWNERS
  32. pom.xml
  33. PREUPLOAD.cfg
  34. README.android
  35. README.md
README.md

OkHttp

An HTTP & SPDY client for Android and Java applications. For more information see the website and the wiki.

Download

Download the latest JAR or grab via Maven:

<dependency>
  <groupId>com.squareup.okhttp</groupId>
  <artifactId>okhttp</artifactId>
  <version>2.6.0</version>
</dependency>

or Gradle:

compile 'com.squareup.okhttp:okhttp:2.6.0'

Snapshots of the development version are available in Sonatype's snapshots repository.

MockWebServer

A library for testing HTTP, HTTPS, HTTP/2.0, and SPDY clients.

MockWebServer coupling with OkHttp is essential for proper testing of SPDY and HTTP/2.0 so that code can be shared.

Download

Download the latest JAR or grab via Maven:

<dependency>
  <groupId>com.squareup.okhttp</groupId>
  <artifactId>mockwebserver</artifactId>
  <version>2.6.0</version>
  <scope>test</scope>
</dependency>

or Gradle:

testCompile 'com.squareup.okhttp:mockwebserver:2.6.0'

License

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

   http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.