[Security] SSL/TLS Man in the middle

[Rafiot]

Hi,

The app doesn't check the validity of the certificates it receives from the server: https://github.com/gggard/AndroidCaldavSyncAdapater/blob/27e8a0f8495c92e0780d450bdf0c7cec77a03a55/CalDAVSyncAdapter/src/org/gege/caldavsyncadapter/caldav/EasySSLSocketFactory.java#L76

This is a critical but making it very easy for anyone to snoop into a, in theory, secure connection.

[alincalinciuc]

Wil there be any update to fix this security issue?

[untitaker]

This is a very serious issue. It basically makes this app not fit for daily use.