use CN-workaround for pre-kitkat

Daniel Gultsch 2017-07-17 23:13:55 +02:00
parent 8285a4fe1c
commit 8a729061d5


@ -1,5 +1,6 @@
package eu.siacs.conversations.crypto; package eu.siacs.conversations.crypto;
import android.os.Build;
import android.util.Log; import android.util.Log;
import android.util.Pair; import android.util.Pair;
@ -42,9 +43,10 @@ public class XmppDomainVerifier implements DomainHostnameVerifier {
} }
X509Certificate certificate = (X509Certificate) chain[0]; X509Certificate certificate = (X509Certificate) chain[0];
final List<String> commonNames = getCommonNames(certificate); final List<String> commonNames = getCommonNames(certificate);
if (isSelfSigned(certificate)) { final boolean isSelfSignedCertificate = isSelfSigned(certificate);
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT || isSelfSignedCertificate) {
if (commonNames.size() == 1 && commonNames.get(0).equals(domain)) { if (commonNames.size() == 1 && commonNames.get(0).equals(domain)) {
Log.d(LOGTAG,"accepted CN in cert self signed cert for "+domain); Log.d(LOGTAG,"accepted CN in cert as work around for "+domain+" isSelfSigned="+Boolean.toString(isSelfSignedCertificate)+", sdkInt="+Build.VERSION.SDK_INT);
return true; return true;
} }
} }
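Review bot: The widened condition `Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT || isSelfSignedCertificate` makes the single-CN match return `true` for every certificate on older devices, before any subjectAltName comparison visible in this hunk. RFC 6125 permits the CN fallback only when the certificate carries no DNS-ID, SRV-ID or other supported SAN identifier. A CA-issued certificate whose SANs do not list `domain` would therefore still be accepted here if its CN matches. If the SAN entries can be read on these API levels, the pre-KitKat branch should also require that none are present. If they cannot, which the commit title suggests but the hunk does not show, say so above the `if`, for example `// pre-KitKat: SAN entries cannot be evaluated here, so one exact CN match is accepted; weaker than RFC 6125, relies on the chain being validated by the TrustManager`. The enclosing method starts and ends outside the hunk, so whether `domain` is normalised before `equals(domain)` and what follows this block are not visible.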