DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=38612>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=38612 Summary: EasyX509TrustManager no longer checks cert expiry Product: HttpClient Version: Nightly Builds Platform: All URL: http://juliusdavies.ca/EasyX509TrustManager.patch OS/Version: All Status: NEW Severity: trivial Priority: P5 Component: HttpClient AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] BugsThisDependsOn: 38425 EasyX509TrustManager was made even "easier" by the last commit: a socket will now be created when talking to a server with an expired certificate. 2 commits ago it looked like this (notice "return false" on line 107): 102 try { 103 certificate.checkValidity(); 104 } 105 catch (CertificateException e) { 106 LOG.error(e.toString()); 107 return false; 108 } Now it looks like this: 102 try { 103 certificate.checkValidity(); 104 } 105 catch (CertificateException e) { 106 LOG.error(e.toString()); 107 } I'm proposing we just do: 102 certificate.checkValidity(); Now that we're using Java 1.4 in the contrib code, we'll just let the CertificateException fly up the stack. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
