From 8e4bfdbc700fefff269cb2dfd5155bfc4dc7aa5f Mon Sep 17 00:00:00 2001
From: Sefa Ilkimen <sefa.ilkimen@mobisys.de>
Date: Fri, 25 May 2018 18:45:10 +0200
Subject: [PATCH 1/2] remove explicit host name verification setting on Android

---
 .../github/kevinsawicki/http/HttpRequest.java    | 16 +++-------------
 .../synconset/cordovahttp/CordovaHttpPlugin.java |  4 ----
 2 files changed, 3 insertions(+), 17 deletions(-)

diff --git a/src/android/com/github/kevinsawicki/http/HttpRequest.java b/src/android/com/github/kevinsawicki/http/HttpRequest.java
index 6171c2c..1fe0e4a 100644
--- a/src/android/com/github/kevinsawicki/http/HttpRequest.java
+++ b/src/android/com/github/kevinsawicki/http/HttpRequest.java
@@ -302,10 +302,13 @@ public class HttpRequest {
     try {
       if (mode == CERT_MODE_TRUSTALL) {
         SOCKET_FACTORY = createSocketFactory(getNoopTrustManagers());
+        HOSTNAME_VERIFIER = getTrustedVerifier();
       } else if (mode == CERT_MODE_PINNED) {
         SOCKET_FACTORY = createSocketFactory(getPinnedTrustManagers());
+        HOSTNAME_VERIFIER = null;
       } else {
         SOCKET_FACTORY = null;
+        HOSTNAME_VERIFIER = null;
       }
 
       CURRENT_CERT_MODE = mode;
@@ -314,19 +317,6 @@ public class HttpRequest {
     }
   }
 
-  /**
-   * Configure host name verification for all future HTTPS connections
-   *
-   * @param enabled
-   */
-  public static void setHostnameVerification(boolean enabled) {
-    if (enabled) {
-      HOSTNAME_VERIFIER = null;
-    } else {
-      HOSTNAME_VERIFIER = getTrustedVerifier();
-    }
-  }
-
   private static TrustManager[] getPinnedTrustManagers() throws IOException {
     if (PINNED_CERTS == null) {
       throw new IOException("You must add at least 1 certificate in order to pin to certificates");
diff --git a/src/android/com/synconset/cordovahttp/CordovaHttpPlugin.java b/src/android/com/synconset/cordovahttp/CordovaHttpPlugin.java
index 250b180..9a497f5 100644
--- a/src/android/com/synconset/cordovahttp/CordovaHttpPlugin.java
+++ b/src/android/com/synconset/cordovahttp/CordovaHttpPlugin.java
@@ -100,10 +100,8 @@ public class CordovaHttpPlugin extends CordovaPlugin {
 
             if (accept) {
               HttpRequest.setSSLCertMode(HttpRequest.CERT_MODE_TRUSTALL);
-              HttpRequest.setHostnameVerification(false);
             } else {
               HttpRequest.setSSLCertMode(HttpRequest.CERT_MODE_DEFAULT);
-              HttpRequest.setHostnameVerification(true);
             }
 
             callbackContext.success();
@@ -169,10 +167,8 @@ public class CordovaHttpPlugin extends CordovaPlugin {
             }
 
             HttpRequest.setSSLCertMode(HttpRequest.CERT_MODE_PINNED);
-            HttpRequest.setHostnameVerification(true);
         } else {
             HttpRequest.setSSLCertMode(HttpRequest.CERT_MODE_DEFAULT);
-            HttpRequest.setHostnameVerification(true);
         }
     }
 }

From 60189a68b3a54e2143905f2680f3dea187159544 Mon Sep 17 00:00:00 2001
From: Sefa Ilkimen <sefa.ilkimen@mobisys.de>
Date: Fri, 25 May 2018 18:58:52 +0200
Subject: [PATCH 2/2] update httpbin.org SSL cert

---
 .../www/certificates/httpbin.org.cer          | Bin 1294 -> 1558 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/test/app-template/www/certificates/httpbin.org.cer b/test/app-template/www/certificates/httpbin.org.cer
index 5bf6e8058a6c73cf372c3e3e34d1f5640fbfc7b6..8e0d88410d631142abd81494fcc50508e5540641 100644
GIT binary patch
delta 913
zcmV;C18)3|3YH8ZFoFgWFoFd7paTK{0s;~Qv(ly2|CDcA4!gQ_a7}6WjgcW@7d0_6
zFfcVUH8ffm4KX+{I59CWFf}tZk(xYzGbl5hvv0TgK#7m9O&zMVuOJLl7nyA~K6d2V
zoQW)Pj6Eix@LnY8Yy~F)N)|AayOaJ;8r0$PJtMy9Z;G1O){FLvhGBWEWdAfO?<Ln4
zE8M;J2>1A_QSY=8%Ubv?7Pf#^mO*%pb|5(axb`xwX1GdAgB4o@0!2pCX}AY}1={iZ
znJLk998=M}YS{{+8I0_nj_BpVg(doU<BNJ@#X1urzFqXT-MX7g?)<{6O$zI+#3e}I
z3hjT0WQfQFz{?|{NqqD($Q7($Jjp0C?X}u|yHlH<<{>)jb)9Sns16sSY$3~&wPtHU
zk(iyLMt?~@UtJEIJsfD_Sb$d!F#-bt00E<d10*nl10a*)0Z0^wFDK+y3Yg2v(o7j2
z9iH__IncnfJ_5Y~e}Vx71_~<%0R#coc>)9i1cCJgf${+G0CoT=JW-ZZ$T?-Ys!;q`
z2h_K3zgT)Ha@?fD4D{tiNA!3A00CoHG)HX!00aX7M=(VKAZVvBc4#R@YPstPBM3C*
z@Z@5>#5}-*@Yf~W{P#ZE%>p3+^z0f6zv!du6DjyXE5<Kxf6P1eM8nwS;KT$zyx<L1
zo&a_L+jOt)%PH)!{>naaZ7k)vs=GG#gmHt%U7b%iwjaM_0004FS2RbT000C707o!I
z0w7U(hAk2RaFm9ab3##^+%Q9AM>npgsMy!qi%$>ZxlRHh0G@d8bpf>pd&Mp&)#h&I
zsNXz7nljtUf3U<YWHBzBfzmJy1_>&LNQU<f0RamI00V*n0RSIfwps(pEjBfTQ4Rr5
z2MXPO8^h;>xnb)_YvjaO>##z&H`0wD1o+c%Z1o@8v!FH*yBo%BsTs-rP+d8MNK<mk
zL4}p{dvg$S(!2-w7H3(ed$ZUwnpg)~CJ+<OFvnWbfAse%mZFIGVjsJHq7b*7dT(;c
z*y^;oW=xHjaTLF+U_8gq=_IiKtSPSYi>)>`VU=LpU)TTN_nr<OLC1?0HF?yURB!55
ze|%C|uL>+un9V|bl^a>4kDNESyo;%SeOe^Or0+5A5!&t*;U)1Bpiy^XeC0C8GbQ~C
n`vGgKAO5^sK@YAKgI(u^VE&?(-^_kmlW}v*G=`Mim(U~Wy7ryn

delta 647
zcmV;20(kwF42}vRFoFdNFoFZ}paTK{0s;~PRk3l5iZ<-4Y#-{v-O%j$t&t&O7c((4
zFflSSG&EWl4KX+{HZd_UF)}kWk(xYz^#MJ7+?el3{gFB24m-h7gTF={j`}?i8?t7)
z#g<(32KS*-;imd}ojEEK);8AT<EwofJdH_>E^-E$5W;s@1StDK*rE3cJD7RRtUH|m
zB4^M9C#a<vk;;Sq&}h#P<hJrfnsSzbmGfqkc<TndwI1kRh^?8!M4`NQPk54la^9AW
zQfzz!CcD*o8E*+qfwX8WP(LKj1?QAeTZNYNxK95>`Z`r%#D1?nzjVS>L6;+nz*SpB
zRYm=k0Ro%($EF7CQv9_?F`TBg(xHe90tHM8K$ABbxom+L6!!pkzq>FTQCi0KT+$EG
z&)GMb;J{n@tj1Lv<U;E%ARyEZ*#ZLr00E<d0vs@c0vMCx0Z0@8>|lcT%7t&0W(GK#
z`(?KV;0pV*J_5Y~e+>o+Duzgg_YDC73k3iJf&l>l3f-|*E>T6F^zPQm8H=V?7X-J@
z+FHx-Hzpq*pUw-PpH5ft6#AWdT~6@H<gXzW&9Z-F0e3IfFZ^;%+WS<PTJRU+i=0i0
zUUlqOQy$zj#d%ArvP&FMLXQ2-aPQmv0uMw1sNC)jwYA3ue>RxniR-QTu_WnM1_u^A
z1VvRZ;sQ_DJX+*|W+^iR1=RnHiKWVC09vB28t$u&#Moh?V#VJTUAPgzyqLz!Wr#gV
zpY7@yF5`nJdmz~x=wXx53cf~|i?}oP@ziE<RkOzuFHCsIXqqBxLoBX4HBAfYgjCMg
hQLy+pZZFSu6>?1K>x>e^{dY{!7tNbr>e!+Ny)Oy6D%Jo1