aboutsummaryrefslogtreecommitdiffstats
path: root/src/main/java/de/pixart/messenger/crypto
diff options
context:
space:
mode:
authorChristian Schneppe <christian@pix-art.de>2017-08-01 13:31:04 +0200
committerChristian Schneppe <christian@pix-art.de>2017-08-01 13:31:04 +0200
commit9e51cf8a85eeb143d041bf7e2d20212a456e5a8f (patch)
tree9bf55ea6baa6cff9411ecf516f899c21ccbdd093 /src/main/java/de/pixart/messenger/crypto
parent9d5a51c054def5a565675cfbff9cb07720c20dc2 (diff)
made OF selfSigned() workaround only available >=kitkat
this undos 0f34c0ab3ed0ce3c98dc4d835c7897e8d533f7e6 as it turns out 4.1 and 4.0 only break when checking if a cert is self signed.
Diffstat (limited to 'src/main/java/de/pixart/messenger/crypto')
-rw-r--r--src/main/java/de/pixart/messenger/crypto/XmppDomainVerifier.java7
1 files changed, 3 insertions, 4 deletions
diff --git a/src/main/java/de/pixart/messenger/crypto/XmppDomainVerifier.java b/src/main/java/de/pixart/messenger/crypto/XmppDomainVerifier.java
index 97b3733b6..e811a0f39 100644
--- a/src/main/java/de/pixart/messenger/crypto/XmppDomainVerifier.java
+++ b/src/main/java/de/pixart/messenger/crypto/XmppDomainVerifier.java
@@ -43,10 +43,9 @@ public class XmppDomainVerifier implements DomainHostnameVerifier {
}
X509Certificate certificate = (X509Certificate) chain[0];
final List<String> commonNames = getCommonNames(certificate);
- final boolean isSelfSignedCertificate = isSelfSigned(certificate);
- if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT || isSelfSignedCertificate) {
- if (commonNames.size() == 1 && commonNames.get(0).equals(domain)) {
- Log.d(LOGTAG, "accepted CN in cert as work around for " + domain + " isSelfSigned=" + Boolean.toString(isSelfSignedCertificate) + ", sdkInt=" + Build.VERSION.SDK_INT);
+ if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT && isSelfSigned(certificate)) {
+ if (commonNames.size() == 1 && matchDomain(domain, commonNames)) {
+ Log.d(LOGTAG, "accepted CN in self signed cert as work around for " + domain);
return true;
}
}