GitLab

am: 5095ad99

* commit '5095ad99':
  Add depedencies that allow error prone to compile source.

Change-Id: I7f68fa2f347c64a911c869e1a648d23e19a13913

am: bda9492f

* commit 'bda9492f':
  Add depedencies that allow error prone to compile source.

Change-Id: I1c6967db787145d03feb79da333adf6d6d83e965

Bug: 27723540
Change-Id: Ibd6faa03d9d3e52a0372be8192b756fe3940588e

am: cc9d1287

* commit 'cc9d1287':
  Don't build the stub org.apache.http.legacy.jar in PDK build.

Change-Id: Iaacafbacba49c233f9a3859382b93f27e6d6773d

am: 0399abc7

* commit '0399abc7':
  apache-http: Fix stubs generation.

- We're asking doclava to generate stubs for all apache http packages.
  We must therefore point it to all apache-http sources (including the
  handful that live in frameworks/base).
- Stop asking for stubs for android.net.*. These classes are still
  public frameworks API and their stubs will be present in android.jar.

(cherry picked from commit 43ffae2b513e42623b213fbf08eea9255cb8ac7e)

Change-Id: I626459d4547ae14555435da8de73645e47a3461e

- We're asking doclava to generate stubs for all apache http packages.
  We must therefore point it to all apache-http sources (including the
  handful that live in frameworks/base).
- Stop asking for stubs for android.net.*. These classes are still
  public frameworks API and their stubs will be present in android.jar.

(cherry picked from commit 43ffae2b513e42623b213fbf08eea9255cb8ac7e)

Change-Id: I6525df298a8d35bdab2b765fd2ed088e19633146

Conscrypt's TrustManagerImpl is changing from X509TrustManager to
X509ExtendedTrustManager. apache-http is linking against an SDK
release version without X509ExtendedTrustManager which causes errors.

Remove the instanceof check to since it will work fine without it on the
old and the new code.

Change-Id: If4aedbd43f7716d8a3e15b2cfd2e218cb8d533a4

The cleartext traffic blocking feature of
android.net.NetworkSecurityPolicy is being expanded to provide finer
grained controls (per hostname). This change integrates the Apache HTTP
stack with these finer grained controls.

Bug: 22666071
Change-Id: If557d7fbd4df708305fbb7656026fc366ac4bb6d

This supports X509TrustManagers other than TrustManagerImpl that
implement the hostname aware checkServerTrusted.

Change-Id: Icc4591b32f52c833a49180b198e5dd24294dde37

* commit '72b40431':
  Start handshake before calling hostname verifier

If the hostname verifier calls SSLSocket#getSession() before the
handshake has been started, it will implicitly start the handshake.
However, it will swallow any errors and return the canonical invalid
SSLSession instead. This makes it extremely difficult to debug issues.

Instead start the handshake before calling into the verifier since we
are guaranteed to be the first caller of #startHandshake() and won't
cause a renegotiation. That will allow us to see the actual
SSLHandshakeException if it occurs.

Bug: 14975169
Bug: 17332309
Bug: 17524215
Bug: 17812533
Bug: 18507278
Bug: 19069992
Bug: 19378885
Bug: 19414083
Bug: 19550311
Bug: 19731556
Bug: 19853723
Bug: 20908941
Change-Id: Ie74ec12c8b131c7bf400a07fc91c78da4d5e470f

Even though the stub org.apache.http.legacy.jar itself can be
built from source against the SDK, its dependency conscrypt must
be built against libcore-art.
(Actually we could remove the droiddoc module apache-http-stubs-gen's
dependency on conscrypt. It would lead doclava to complain error of
unresolved symbols of conscrypt. Such error isn't fatal because the
stub java files don't reference any conscrypt symbols.)

Also by using prebuilt org.apache.http.legacy, unbundled branches don't
need to pull in external/doclava and its many dependency projects.

Bug: 20221594
Change-Id: I6fb4377d35a70ad544cb8a91695e23625365df60

Also, rename the non-stubs org.apache.http.legacy jar ->
org.apache.http.legacy.boot and include it in the boot classpath.

Change-Id: Ibcfa5429f6565e86ab03bbc793e20f1860e3821a

Also, distribute those stubs with the SDK instead of the actual
code. In a follow up change, we will use those stubs for building
platform dependencies as well.

Change-Id: If60624d095a69f69876f9cc32a8078c01e090a64

* commit 'aa83190c':
  Honor NetworkSecurityPolicy regarding cleartext traffic.

This makes HttpClient instances honor the process-wide policy about
cleartext network traffic. If cleartext network traffic is not
permitted, then attempts to send a cleartext HTTP request will throw
an IOException.

This change is needed despite platform-provided HttpClient being
deprecated because a large fraction of applications still use this
HttpClient library to generate HTTP traffic instead of using
URLConnection.

HttpClient is modular -- most of its parts can be replaced with
alternative implementations. Thus, this CL enforces the cleartext
traffic policy in DefaultRequestDirector because RequestDirector is
least commonly replaced (if ever) and there are no other
RequestDirector implementations provided by the library.

The cleartext policy is enforced pretty late in the process of
emitting a request to give time for any HttpRequestInterceptor
instances to see the request. This is because some apps use a
HttpRequestInterceptor to enforce their own policies about cleartext
HTTP such as catching accidental use of cleartext HTTP and reporting
it to their servers for analysis.

Bug: 19215516
Change-Id: I03687123080475581e7196d9bb8c0d006502d056

Bug: 19505778
Change-Id: I31684ed7a88d1e766be1c41e0768345aa9af2557

The build system can use this as a test for whether we
should add a dependency to the library by hand.

bug: 18027885
Change-Id: I89eb870ed47928fdd815393f8fe6f64b2a69922e

Lets us build it from source on both unbundled and platform
branches. The main changes are :

- We need a placeholder "WebAddress" class that's used internally.
  The class will be deleted from the frameworks once the webview
  stops using it (sigh...)

- Use TrafficStats instead of SocketTagger.

- Remove @hide annotations because they don't matter any more. We're
  not building stubs any more, and apps in both unbundled and platform
  branches will compile directly against the jar. We don't care about
  any of that because this is all deprecated API and deleted from the
  API specification.

bug: 18027885.

Change-Id: I6b5f06db2e3e0e34ccd7264c15e1fe594e61862e

.. and move some parts of apache-http into the framework. The parts that
have been moved need to be in the bootclasspath because we have public API
that returns org.apache.http.conn.ssl.SSLSocketFactory :( .

This change also removes the placeholder library shim.

bug: 18027885

Change-Id: I37aa7562bcd5e05191b83676fae4533e03b86d1d

* commit '1cbd67d9':
  Fix @link annotation in documentation for hyperlink generation

* commit 'c7fe4b37':
  Fix @link annotation in documentation for hyperlink generation

Change-Id: Ia01f2d4d523b2fbb3ed227f003218841e00e608c
Signed-off-by: Ruey-Shi Rau <timrau@gmail.com>

This lets us move forward with the apache removal without
being blocked on the finalization of the API for the previous
release. We can drop the real library into place when we're
free to make API removal changes again on master.

bug: 18027885
Change-Id: I4aa62176e334939095f7a2c210c9180c8feb4019

* commit 'f2971864':
  Remove apache-http host build.

Was probably used by the dalvik host build once upon a time, but
isn't referenced any longer.

This is in preparation for changes that make this library depend
on the frameworks so that it isn't treated specially.

bug: 18027885
Change-Id: Iccf2ea4441eadea3400445d0542130c7362fd331

bug: 18067888
Change-Id: I8d830c20e952734e2bb63da1e785094b7a783308