Fix HTTPS download of Seattle installer zip #20

Open: wants to merge 3 commits into base: master

aaaaalbert
Contributor

We previously overrode TLS certificate checks for HTTPS downloads
(why did we do that again?), and only verified that the FQDN from
which we attempted to download was on a whitelist. This was a bad
idea, as a MITM could tamper with our DNS and redirect the download
to a site they control.

Also, bump app version to 1.2.
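
An added illustration of the change described above, not code from this pull request or the Seattle project. The class name, method names and whitelist contents are assumptions, and the "before" method shows the general trust-all pattern rather than the project's actual code.

```java
import java.io.InputStream;
import java.net.URL;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

public class InstallerDownload {
    // Hypothetical whitelist; the host name is the one mentioned in this thread.
    static final List<String> ALLOWED_HOSTS = Arrays.asList("seattleclearinghouse.poly.edu");

    // BEFORE (anti-pattern): every certificate chain is accepted, so the
    // whitelist only checks the name in the URL, not who actually answered.
    static InputStream openInsecure(URL url) throws Exception {
        if (!ALLOWED_HOSTS.contains(url.getHost())) {
            throw new SecurityException("host not whitelisted: " + url.getHost());
        }
        TrustManager[] trustAll = { new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain, String authType) { }
            public void checkServerTrusted(X509Certificate[] chain, String authType) { }
            public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
        } };
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, trustAll, new SecureRandom());
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        return conn.getInputStream();
    }

    // AFTER: no custom TrustManager or HostnameVerifier. The platform defaults
    // validate the chain against the system trust store and match the host name,
    // so a self-signed certificate fails the handshake with an SSLHandshakeException.
    // Keeping the whitelist as a second check is an assumption of this example.
    static InputStream openVerified(URL url) throws Exception {
        if (!"https".equals(url.getProtocol()) || !ALLOWED_HOSTS.contains(url.getHost())) {
            throw new SecurityException("refusing download from " + url);
        }
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        return conn.getInputStream();
    }
}
```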

@aaaaalbert
Contributor Author

I've tested the correctness of HTTPS downloads by

  • Running a web server on my development machine that serves a fake installer zip file and presents a self-signed certificate for seattleclearinghouse.poly.edu
  • Running a virtual Android device running in Eclipse / emulator, inside of which I'm
      ◦ redirecting the Seattle clearinghouse FQDN to the development machine's IP using the /system/etc/hosts file
      ◦ installing the SeattleTestbed app

logcat output shows the expected SSL errors due to the self-signed certificate, and the app complains that it could not be installed, and that the install log contains details (which it does!).

If I remove the hosts entry, the app is able to access the actual seattleclearinghouse, and Seattle installs just fine.

@JustinCappos and @yyzhuang, this also needs to go into SensibilityTestbed.

@aaaaalbert
Contributor Author

P.S.: I'll see if I can run CERT.org's "Tapioca" MITM tests on the updated app too.

@aaaaalbert
Contributor Author

Here's the mallodroid report for the patched APK. (Since we don't do custom trustmanagers etc. now, there is nothing to report).

aaaaa@sb32:~/devel/mallodroid$ python mallodroid.py -j -f ~/shared_folder/SeattleTestbedFixHttpsDownload.apk
Analyse file: /home/aaaaa/shared_folder/SeattleTestbedFixHttpsDownload.apk
Package name: com.seattletestbed
App requires INTERNET permission. Continue analysis...
Analysis result:
aaaaa@sb32:~/devel/mallodroid$ 
