From e2aa2affd720f8fbec25e1fffea0ba2eac0b3f17 Mon Sep 17 00:00:00 2001
From: zzz <zzz@mail.i2p>
Date: Mon, 23 Jul 2012 23:10:26 +0000
Subject: [PATCH]  * LookaheadInputStream: Fix bug causing gunzip fails, esp.
 on Android  * SSLEepGet: Fix on Android (ticket #668)

---
 .../net/i2p/util/LookaheadInputStream.java    |  2 +-
 core/java/src/net/i2p/util/SSLEepGet.java     | 21 +++++++++++++++----
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/core/java/src/net/i2p/util/LookaheadInputStream.java b/core/java/src/net/i2p/util/LookaheadInputStream.java
index ed698eb3ac..67d48e87ad 100644
--- a/core/java/src/net/i2p/util/LookaheadInputStream.java
+++ b/core/java/src/net/i2p/util/LookaheadInputStream.java
@@ -44,7 +44,7 @@ public class LookaheadInputStream extends FilterInputStream {
         Arrays.fill(_footerLookahead, (byte)0x00);
         int footerRead = 0;
         while (footerRead < _footerLookahead.length) {
-            int read = in.read(_footerLookahead);
+            int read = in.read(_footerLookahead, footerRead, _footerLookahead.length - footerRead);
             if (read == -1) throw new IOException("EOF reading the footer lookahead");
             footerRead += read;
         }
diff --git a/core/java/src/net/i2p/util/SSLEepGet.java b/core/java/src/net/i2p/util/SSLEepGet.java
index 1368a16198..2e58d61638 100644
--- a/core/java/src/net/i2p/util/SSLEepGet.java
+++ b/core/java/src/net/i2p/util/SSLEepGet.java
@@ -90,6 +90,8 @@ public class SSLEepGet extends EepGet {
     /** may be null if init failed */
     private SavingTrustManager _stm;
 
+    private static final boolean _isAndroid = System.getProperty("java.vendor").contains("Android");
+
     /**
      *  A new SSLEepGet with a new SSLState
      */
@@ -192,12 +194,23 @@ public class SSLEepGet extends EepGet {
         String override = System.getProperty("javax.net.ssl.keyStore");
         if (override != null)
             success = loadCerts(new File(override), ks);
-        if (!success)
-            success = loadCerts(new File(System.getProperty("java.home"), "lib/security/jssecacerts"), ks);
-        if (!success)
-            success = loadCerts(new File(System.getProperty("java.home"), "lib/security/cacerts"), ks);
+        if (!success) {
+            if (_isAndroid) {
+                // thru API 13. As of API 14 (ICS), the file is gone, but
+                // ks.load(null, pw) will bring in the default certs?
+                success = loadCerts(new File(System.getProperty("java.home"), "etc/security/cacerts.bks"), ks);
+            } else {
+                success = loadCerts(new File(System.getProperty("java.home"), "lib/security/jssecacerts"), ks);
+                if (!success)
+                    success = loadCerts(new File(System.getProperty("java.home"), "lib/security/cacerts"), ks);
+            }
+        }
 
         if (!success) {
+            try {
+                // must be initted
+                ks.load(null, "changeit".toCharArray());
+            } catch (Exception e) {}
             _log.error("All key store loads failed, will only load local certificates");
         } else if (_log.shouldLog(Log.INFO)) {
             int count = 0;
-- 
GitLab