use sni and alpn for start tls as well. apperently google requires it
This commit is contained in:
parent
1cbb60d7ed
commit
8270adf703
|
@ -57,7 +57,7 @@ public class TLSSocketFactory extends SSLSocketFactory {
|
||||||
}
|
}
|
||||||
|
|
||||||
private static Socket enableTLSOnSocket(Socket socket) {
|
private static Socket enableTLSOnSocket(Socket socket) {
|
||||||
if(socket != null && (socket instanceof SSLSocket)) {
|
if(socket instanceof SSLSocket) {
|
||||||
SSLSocketHelper.setSecurity((SSLSocket) socket);
|
SSLSocketHelper.setSecurity((SSLSocket) socket);
|
||||||
}
|
}
|
||||||
return socket;
|
return socket;
|
||||||
|
|
|
@ -843,11 +843,14 @@ public class XmppConnection implements Runnable {
|
||||||
|
|
||||||
final SSLSocket sslSocket = (SSLSocket) tlsFactoryVerifier.factory.createSocket(socket, address.getHostAddress(), socket.getPort(), true);
|
final SSLSocket sslSocket = (SSLSocket) tlsFactoryVerifier.factory.createSocket(socket, address.getHostAddress(), socket.getPort(), true);
|
||||||
|
|
||||||
|
|
||||||
if (sslSocket == null) {
|
if (sslSocket == null) {
|
||||||
throw new IOException("could not initialize ssl socket");
|
throw new IOException("could not initialize ssl socket");
|
||||||
}
|
}
|
||||||
|
|
||||||
SSLSocketHelper.setSecurity(sslSocket);
|
SSLSocketHelper.setSecurity(sslSocket);
|
||||||
|
SSLSocketHelper.setHostname(sslSocket, account.getServer());
|
||||||
|
SSLSocketHelper.setApplicationProtocol(sslSocket, "xmpp-client");
|
||||||
|
|
||||||
if (!tlsFactoryVerifier.verifier.verify(account.getServer(), this.verifiedHostname, sslSocket.getSession())) {
|
if (!tlsFactoryVerifier.verifier.verify(account.getServer(), this.verifiedHostname, sslSocket.getSession())) {
|
||||||
Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": TLS certificate verification failed");
|
Log.d(Config.LOGTAG, account.getJid().asBareJid() + ": TLS certificate verification failed");
|
||||||
|
|
Loading…
Reference in a new issue