aboutsummaryrefslogtreecommitdiffstats
path: root/src/main/java/de
diff options
context:
space:
mode:
authorDaniel Gultsch <daniel@gultsch.de>2016-08-10 12:34:05 +0200
committerChristian Schneppe <christian@pix-art.de>2016-08-11 21:37:15 +0200
commit44fcc33f0fe8ec37869f68fa0b1df87b7e039a3e (patch)
tree34d3e6bd144dba0de0af4dd43ecb3aa4a9ad37a9 /src/main/java/de
parentead0feadf03b3b829e49894b630e3d420ddf40cf (diff)
use direct ssl when port was manually set to 5223
this should create a work around for the oracle xmpp server
Diffstat (limited to 'src/main/java/de')
-rw-r--r--src/main/java/de/pixart/messenger/xmpp/XmppConnection.java26
1 files changed, 24 insertions, 2 deletions
diff --git a/src/main/java/de/pixart/messenger/xmpp/XmppConnection.java b/src/main/java/de/pixart/messenger/xmpp/XmppConnection.java
index 4db74981d..9af0a0eb3 100644
--- a/src/main/java/de/pixart/messenger/xmpp/XmppConnection.java
+++ b/src/main/java/de/pixart/messenger/xmpp/XmppConnection.java
@@ -47,6 +47,7 @@ import java.util.concurrent.atomic.AtomicInteger;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509KeyManager;
@@ -284,9 +285,30 @@ public class XmppConnection implements Runnable {
socket = SocksSocketFactory.createSocketOverTor(destination, account.getPort());
startXmpp();
} else if (extended && account.getHostname() != null && !account.getHostname().isEmpty()) {
- socket = new Socket();
+
+ InetSocketAddress address = new InetSocketAddress(account.getHostname(), account.getPort());
+
+ features.encryptionEnabled = account.getPort() == 5223;
+
try {
- socket.connect(new InetSocketAddress(account.getHostname(), account.getPort()), Config.SOCKET_TIMEOUT * 1000);
+ if (features.encryptionEnabled) {
+ try {
+ final TlsFactoryVerifier tlsFactoryVerifier = getTlsFactoryVerifier();
+ socket = tlsFactoryVerifier.factory.createSocket();
+ socket.connect(address, Config.SOCKET_TIMEOUT * 1000);
+ final SSLSession session = ((SSLSocket) socket).getSession();
+ if (!tlsFactoryVerifier.verifier.verify(account.getServer().getDomainpart(),session)) {
+ Log.d(Config.LOGTAG, account.getJid().toBareJid() + ": TLS certificate verification failed");
+ throw new SecurityException();
+ }
+ } catch (KeyManagementException e) {
+ features.encryptionEnabled = false;
+ socket = new Socket();
+ }
+ } else {
+ socket = new Socket();
+ socket.connect(address, Config.SOCKET_TIMEOUT * 1000);
+ }
} catch (IOException e) {
throw new UnknownHostException();
}