use sni and alpn for start tls as well. apperently google requires it

2018-10-01 11:34:27 +02:00 · 2018-10-01 11:34:27 +02:00 · 8270adf703
parent 1cbb60d7ed
commit 8270adf703
2 changed files with 4 additions and 1 deletions
--- a/src/main/java/eu/siacs/conversations/utils/TLSSocketFactory.java
+++ b/src/main/java/eu/siacs/conversations/utils/TLSSocketFactory.java
@ -57,7 +57,7 @@ public class TLSSocketFactory extends SSLSocketFactory {
    }

    private static Socket enableTLSOnSocket(Socket socket) {
-        if(socket != null && (socket instanceof SSLSocket)) {
+        if(socket instanceof SSLSocket) {
            SSLSocketHelper.setSecurity((SSLSocket) socket);
        }
        return socket;
--- a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
+++ b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
@ -843,11 +843,14 @@ public class XmppConnection implements Runnable {

            final SSLSocket sslSocket = (SSLSocket) tlsFactoryVerifier.factory.createSocket(socket, address.getHostAddress(), socket.getPort(), true);

+
            if (sslSocket == null) {
                throw new IOException("could not initialize ssl socket");
            }

            SSLSocketHelper.setSecurity(sslSocket);
+            SSLSocketHelper.setHostname(sslSocket, account.getServer());
+            SSLSocketHelper.setApplicationProtocol(sslSocket, "xmpp-client");

            if (!tlsFactoryVerifier.verifier.verify(account.getServer(), this.verifiedHostname, sslSocket.getSession())) {
                Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": TLS certificate verification failed");