Set security error status on TLS cert mismatch

author: Sam Whited <sam@samwhited.com> 2014-11-15 11:40:41 -0500
committer: Sam Whited <sam@samwhited.com> 2014-11-15 11:40:41 -0500
commit: 17cec63c14e15d1a78d124f718a4b51e4f4debd1 (patch)
tree: 0967fd37845fb85197dbcc6b01dec68f8e4d93c6
parent: d2388a5a7ef5ede40de03d66cbad205b6510ef75 (diff)
1 files changed, 7 insertions, 6 deletions
diff --git a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
index 3c911fc9..7b59c812 100644
--- a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
+++ b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
@@ -593,12 +593,13 @@ public class XmppConnection implements Runnable {
 							}
 							sslSocket.setEnabledProtocols(supportProtocols);
 
-							if (verifier != null
-									&& !verifier.verify(account.getServer().getDomainpart(),
-										sslSocket.getSession())) {
-								sslSocket.close();
-								throw new IOException("host mismatch in TLS connection");
-									}
+                            if (verifier != null
+                                    && !verifier.verify(account.getServer().getDomainpart(),
+                                    sslSocket.getSession())) {
+                                account.setStatus(Account.State.SECURITY_ERROR);
+                                sslSocket.close();
+                                throw new IOException("Host mismatch in TLS connection");
+                            }
 							tagReader.setInputStream(sslSocket.getInputStream());
 							tagWriter.setOutputStream(sslSocket.getOutputStream());
 							sendStartStream();
author	Sam Whited <sam@samwhited.com>	2014-11-15 11:40:41 -0500
committer	Sam Whited <sam@samwhited.com>	2014-11-15 11:40:41 -0500
commit	17cec63c14e15d1a78d124f718a4b51e4f4debd1 (patch)
tree	0967fd37845fb85197dbcc6b01dec68f8e4d93c6
parent	d2388a5a7ef5ede40de03d66cbad205b6510ef75 (diff)