From 22c36d609c39f91b8c8bad2afe65b7cf5c5f052b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= <dominik@dominikschuermann.de>
Date: Wed, 21 Oct 2015 23:07:10 +0200
Subject: Fix keybase verification

---
 .../keychain/util/OkHttpKeybaseClient.java         | 37 ++++++++++------------
 .../res/layout/view_key_adv_keybase_fragment.xml   |  9 ------
 OpenKeychain/src/main/res/values/strings.xml       |  1 -
 extern/KeybaseLib                                  |  2 +-
 4 files changed, 18 insertions(+), 31 deletions(-)

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/OkHttpKeybaseClient.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/OkHttpKeybaseClient.java
index 32a5406e0..d2c90cfcd 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/OkHttpKeybaseClient.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/OkHttpKeybaseClient.java
@@ -34,24 +34,14 @@ import java.util.concurrent.TimeUnit;
  */
 public class OkHttpKeybaseClient implements KeybaseUrlConnectionClient {
 
-    private final OkUrlFactory factory;
-
-    private static OkUrlFactory generateUrlFactory() {
+    private OkUrlFactory generateUrlFactory() {
         OkHttpClient client = new OkHttpClient();
         return new OkUrlFactory(client);
     }
 
-    public OkHttpKeybaseClient() {
-        factory = generateUrlFactory();
-    }
-
     @Override
-    public URLConnection openConnection(URL url) throws IOException {
-        return openConnection(url, null);
-    }
-
-    @Override
-    public URLConnection openConnection(URL url, Proxy proxy) throws IOException {
+    public URLConnection openConnection(URL url, Proxy proxy, boolean isKeybase) throws IOException {
+        OkUrlFactory factory = generateUrlFactory();
         if (proxy != null) {
             factory.client().setProxy(proxy);
             factory.client().setConnectTimeout(30000, TimeUnit.MILLISECONDS);
@@ -63,17 +53,24 @@ public class OkHttpKeybaseClient implements KeybaseUrlConnectionClient {
 
         factory.client().setFollowSslRedirects(false);
 
-        // forced the usage of keybase.io pinned certificate
-        try {
-            if (!TlsHelper.usePinnedCertificateIfAvailable(factory.client(), url)) {
-                throw new IOException("no pinned certificate found for URL!");
+        // forced the usage of api.keybase.io pinned certificate
+        if (isKeybase) {
+            try {
+                if (!TlsHelper.usePinnedCertificateIfAvailable(factory.client(), url)) {
+                    throw new IOException("no pinned certificate found for URL!");
+                }
+            } catch (TlsHelper.TlsHelperException e) {
+                Log.e(Constants.TAG, "TlsHelper failed", e);
+                throw new IOException("TlsHelper failed");
             }
-        } catch (TlsHelper.TlsHelperException e) {
-            Log.e(Constants.TAG, "TlsHelper failed", e);
-            throw new IOException("TlsHelper failed");
         }
 
         return factory.open(url);
     }
 
+    @Override
+    public String getKeybaseBaseUrl() {
+        return "https://api.keybase.io/";
+    }
+
 }
\ No newline at end of file
diff --git a/OpenKeychain/src/main/res/layout/view_key_adv_keybase_fragment.xml b/OpenKeychain/src/main/res/layout/view_key_adv_keybase_fragment.xml
index 75d56e092..c2e839709 100644
--- a/OpenKeychain/src/main/res/layout/view_key_adv_keybase_fragment.xml
+++ b/OpenKeychain/src/main/res/layout/view_key_adv_keybase_fragment.xml
@@ -30,15 +30,6 @@
                 android:layout_height="wrap_content"
                 android:text="@string/section_keybase_proofs" />
 
-            <TextView
-                android:layout_width="wrap_content"
-                android:layout_height="wrap_content"
-                android:background="?attr/colorButtonRow"
-                android:gravity="center_horizontal"
-                android:padding="8dp"
-                android:text="@string/key_trust_header_text"
-                android:textAppearance="?android:attr/textAppearanceSmall" />
-
             <View
                 android:layout_width="match_parent"
                 android:layout_height="1dip"
diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml
index e12a8665d..10ec9f039 100644
--- a/OpenKeychain/src/main/res/values/strings.xml
+++ b/OpenKeychain/src/main/res/values/strings.xml
@@ -681,7 +681,6 @@
     <string name="key_trust_no_cloud_evidence">"No proof from the Internet on this key’s trustworthiness."</string>
     <string name="key_trust_start_cloud_search">"Start search"</string>
     <string name="key_trust_results_prefix">"Keybase.io offers “proofs” which assert that the owner of this key: "</string>
-    <string name="key_trust_header_text">"Note: Keybase.io proofs are an experimental feature of OpenKeychain. We encourage you to scan QR Codes or exchange keys via NFC in addition to confirming them."</string>
 
     <!-- keybase proof stuff -->
     <string name="keybase_narrative_twitter">"Posts to Twitter as %s"</string>
diff --git a/extern/KeybaseLib b/extern/KeybaseLib
index b89648f50..bc02742a5 160000
--- a/extern/KeybaseLib
+++ b/extern/KeybaseLib
@@ -1 +1 @@
-Subproject commit b89648f50011445df59fa02f16a0691857aea681
+Subproject commit bc02742a59f4cc984cd497e14ac48cb61fe6e8ce
-- 
cgit v1.2.3