From 139d7ecb0d2532436c380fc12c0df164b35d0b4a Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Tue, 3 Dec 2024 02:03:16 +0100
Subject: [PATCH] validate ca certificate after fetching it from the API

---
 .../leap/bitmaskclient/providersetup/ProviderApiManagerV5.java  | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerV5.java b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerV5.java
index d478c08e6..404ded0aa 100644
--- a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerV5.java
+++ b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerV5.java
@@ -210,6 +210,7 @@ public class ProviderApiManagerV5 extends ProviderApiManagerBase implements IPro
         try {
             String cert = bm.getOpenVPNCert();
             currentDownload = loadCredentials(provider, cert);
+            currentDownload = validateCertificateForProvider(currentDownload, provider);
         } catch (Exception e) {
             return eventSender.setErrorResult(currentDownload, R.string.error_json_exception_user_message, null);
         }
@@ -223,6 +224,7 @@ public class ProviderApiManagerV5 extends ProviderApiManagerBase implements IPro
         try {
             CredentialsParser.parseXml(credentials, provider);
         } catch (XmlPullParserException | IOException e) {
+            e.printStackTrace();
             return eventSender.setErrorResult(result, vpn_certificate_is_invalid, null);
         }
 
-- 
GitLab