Bug fixes, SDK level 19

* use SDK level 19
* add action to all preference intents (fixes #92)
* use StrictHostnameVerifier instead of HttpsURLConnection.getDefaultHostnameVerifier() (fixes #88)
* use per-WebDavResource instead of static DavHttpClient to enable different settings for different accounts

project.properties

@@ -11,4 +11,4 @@
 #proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt
 
 # Project target.
-target=android-17
+target=android-19

res/values-de/strings.xml

@@ -42,8 +42,8 @@
        installieren, um Datenverlust beim Neustart zu vermeiden (dies ist ein Android/Play Store-Bug).</p>
        
        <p>Weitere Informationen erhalten Sie auf der <a href="http://davdroid.bitfire.at?pk_campaign=davdroid-app&amp;pk_kwd=main-activity">DAVdroid-Homepage</a>.
-       Dort finden Sie auch eine <a href="http://davdroid.bitfire.at/configuration?pk_campaign=davdroid-app&amp;pk_kwd=main-activity">Anleitung zum Einrichten</a>
+       Dort finden Sie auch eine <a href="http://davdroid.bitfire.at/configuration?pk_campaign=davdroid-app&amp;pk_kwd=main-activity">Anleitung zum Einrichten</a>.
-       DAVdroid ist auf den Schutz der Privatsphäre ausgelegt (siehe <a href="http://davdroid.bitfire.at/privacy?pk_campaign=davdroid-app&amp;pk_kwd=main-activity">Datenschutzrichtlinie</a>).</p>
+       DAVdroid respektiert Ihre Privatsphäre (siehe <a href="http://davdroid.bitfire.at/privacy?pk_campaign=davdroid-app&amp;pk_kwd=main-activity">Datenschutzrichtlinie</a>).</p>
        
        <p><b>Bei Problemen lesen Sie bitte die <a href="http://davdroid.bitfire.at/configuration?pk_campaign=davdroid-app&amp;pk_kwd=main-activity">häufig gestellten Fragen</a>.
        Im Falle eines Fehlers, der eindeutig durch DAVdroid verursacht wird, berichten Sie diesen wenn möglich auf
@@ -57,8 +57,7 @@
 	   <a href="https://f-droid.org/app/at.bitfire.davdroid">über F-Droid bezogen werden</a>.</p>
 	   
 	   <p>Es ist jedoch viel Arbeit, die App zu entwickeln und besser zu machen. Daher haben wir uns entschlossen, sie
-	   auch gegen eine kleine Gebühr in die Stores (Google Play,
+	   auch gegen eine kleine Gebühr in die Stores (Google Play, <a href="samsungapps://ProductDetail/at.bitfire.davdroid">Samsung Store</a>)
-	   <a href="http://apps.samsung.com/earth/topApps/topAppsDetail.as?productId=000000665458">Samsung Store</a>)
 	   zu stellen. Wenn Sie das Projekt unterstützen wollen, können Sie
 	   <a href="http://davdroid.bitfire.at/donate?pk_campaign=davdroid-app&amp;pk_kwd=main-activity">für DAVdroid spenden</a> oder die App kaufen.</p>
 	   

res/xml/account_prefs.xml

@@ -4,7 +4,8 @@
     <Preference android:title="@string/davdroid_help" >
         <intent
             android:targetPackage="at.bitfire.davdroid"
-            android:targetClass="at.bitfire.davdroid.MainActivity" />
+            android:targetClass="at.bitfire.davdroid.MainActivity"
+            android:action="ACTION_VIEW" />
     </Preference>
 
 </PreferenceScreen>

src/at/bitfire/davdroid/URIUtils.java

@@ -1,8 +1,5 @@
 package at.bitfire.davdroid;
 
-import java.net.URI;
-import java.net.URISyntaxException;
-
 import android.annotation.SuppressLint;
 import android.util.Log;
 

src/at/bitfire/davdroid/webdav/DavHttpClient.java

@@ -1,57 +1,46 @@
 package at.bitfire.davdroid.webdav;
 
 import org.apache.http.client.params.HttpClientParams;
-import org.apache.http.conn.ClientConnectionManager;
-import org.apache.http.conn.scheme.PlainSocketFactory;
 import org.apache.http.conn.scheme.Scheme;
 import org.apache.http.conn.scheme.SchemeRegistry;
 import org.apache.http.impl.client.DefaultHttpClient;
-import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
 import org.apache.http.params.BasicHttpParams;
 import org.apache.http.params.CoreProtocolPNames;
 import org.apache.http.params.HttpConnectionParams;
 import org.apache.http.params.HttpParams;
 
 import at.bitfire.davdroid.Constants;
-import at.bitfire.davdroid.webdav.GzipDecompressingEntity;
-import at.bitfire.davdroid.webdav.TlsSniSocketFactory;
 
 // see AndroidHttpClient
 
 
 public class DavHttpClient extends DefaultHttpClient {
-	private static DavHttpClient httpClient = null;
+	private DavHttpClient(HttpParams params) {
-	
+		super(params);
-	private DavHttpClient(ClientConnectionManager connectionManager, HttpParams params) {
-		super(connectionManager, params);
 	}
 	
 	
-	public static synchronized DefaultHttpClient getInstance() {
+	public static DefaultHttpClient getDefault() {
-		if (httpClient == null) {
+		HttpParams params = new BasicHttpParams();
-			HttpParams params = new BasicHttpParams();
+		params.setParameter(CoreProtocolPNames.USER_AGENT, "DAVdroid/" + Constants.APP_VERSION);
-			params.setParameter(CoreProtocolPNames.USER_AGENT, "DAVdroid/" + Constants.APP_VERSION);
-			
-			// use defaults of AndroidHttpClient
-			HttpConnectionParams.setConnectionTimeout(params, 20 * 1000);
-			HttpConnectionParams.setSoTimeout(params, 20 * 1000);
-			HttpConnectionParams.setSocketBufferSize(params, 8192);
-			HttpConnectionParams.setStaleCheckingEnabled(params, false);
-			
-			// don't allow redirections
-			HttpClientParams.setRedirecting(params, false);
-			
-			// use our own, SNI-capable LayeredSocketFactory for https://
-		    SchemeRegistry schemeRegistry = new SchemeRegistry();
-		    schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
-		    schemeRegistry.register(new Scheme("https", new TlsSniSocketFactory(), 443));
-		    
-			httpClient = new DavHttpClient(new ThreadSafeClientConnManager(params, schemeRegistry), params);
-			
-			// allow gzip compression
-			GzipDecompressingEntity.enable(httpClient);
-		}
 		
+		// use defaults of AndroidHttpClient
+		HttpConnectionParams.setConnectionTimeout(params, 20 * 1000);
+		HttpConnectionParams.setSoTimeout(params, 20 * 1000);
+		HttpConnectionParams.setSocketBufferSize(params, 8192);
+		HttpConnectionParams.setStaleCheckingEnabled(params, false);
+		
+		// don't allow redirections
+		HttpClientParams.setRedirecting(params, false);
+		
+		DavHttpClient httpClient = new DavHttpClient(params);
+		
+		// use our own, SNI-capable LayeredSocketFactory for https://
+	    SchemeRegistry schemeRegistry = httpClient.getConnectionManager().getSchemeRegistry();
+	    schemeRegistry.register(new Scheme("https", new TlsSniSocketFactory(), 443));
+		
+		// allow gzip compression
+		GzipDecompressingEntity.enable(httpClient);
 		return httpClient;
 	}
 	

src/at/bitfire/davdroid/webdav/TlsSniSocketFactory.java

@@ -5,13 +5,14 @@ import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.Socket;
 
-import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.SSLSocket;
 
 import org.apache.http.conn.scheme.LayeredSocketFactory;
+import org.apache.http.conn.ssl.StrictHostnameVerifier;
 import org.apache.http.params.HttpParams;
 
 import android.annotation.TargetApi;
@@ -27,6 +28,8 @@ public class TlsSniSocketFactory implements LayeredSocketFactory {
 	// we will do this ourselves so we can set up SNI before
 	SSLCertificateSocketFactory sslSocketFactory =
 			(SSLCertificateSocketFactory) SSLCertificateSocketFactory.getInsecure(0, null);
+	
+	final static HostnameVerifier hostnameVerifier = new StrictHostnameVerifier();
 
 	
 	// Plain TCP/IP (layer below TLS)
@@ -71,7 +74,7 @@ public class TlsSniSocketFactory implements LayeredSocketFactory {
             throw new SSLException("Cannot verify SSL socket without session");
 		
 		// verify host name (important!)
-		if (!HttpsURLConnection.getDefaultHostnameVerifier().verify(host, session))
+		if (!hostnameVerifier.verify(host, session))
             throw new SSLPeerUnverifiedException("Cannot verify hostname: " + host);
 		return ssl;
 	}

src/at/bitfire/davdroid/webdav/WebDavResource.java

@@ -86,7 +86,7 @@ public class WebDavResource {
 	// content (available after GET)
 	@Getter protected InputStream content;
 
-	protected DefaultHttpClient client = DavHttpClient.getInstance();
+	protected DefaultHttpClient client;
 	
 	
 	public WebDavResource(URI baseURL, boolean trailingSlash) throws URISyntaxException {
@@ -99,22 +99,26 @@ public class WebDavResource {
 	public WebDavResource(URI baseURL, String username, String password, boolean preemptive, boolean trailingSlash) throws URISyntaxException {
 		this(baseURL, trailingSlash);
 		
+		client = DavHttpClient.getDefault();
+		
 		// authenticate
-		client.getCredentialsProvider().setCredentials(new AuthScope(location.getHost(), location.getPort()),
+		client.getCredentialsProvider().setCredentials(
-				new UsernamePasswordCredentials(username, password));
+			new AuthScope(location.getHost(), location.getPort()),
-		// preemptive auth is available for Basic auth only
+			new UsernamePasswordCredentials(username, password)
+		);
 		if (preemptive) {
-			Log.i(TAG, "Using preemptive Basic Authentication");
+			Log.i(TAG, "Using preemptive authentication (not compatible with Digest auth)");
 			client.addRequestInterceptor(new PreemptiveAuthInterceptor(), 0);
 		}
 	}
 
 	protected WebDavResource(WebDavResource parent, URI uri) {
 		location = uri;
+		client = parent.client;
 	}
 	
 	public WebDavResource(WebDavResource parent, String member) {
-		location = parent.location.resolve(URIUtils.sanitize(member));
+		this(parent, parent.location.resolve(URIUtils.sanitize(member)));
 	}
 	
 	public WebDavResource(WebDavResource parent, String member, boolean trailingSlash) {

test/project.properties

@@ -11,4 +11,4 @@
 #proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt
 
 # Project target.
-target=android-17
+target=android-19