diff options
author | Sam Whited <sam@samwhited.com> | 2015-01-17 13:40:15 -0500 |
---|---|---|
committer | Sam Whited <sam@samwhited.com> | 2015-01-19 11:02:13 -0500 |
commit | 503237087ffc5585876dfdb96ef167960bef0f15 (patch) | |
tree | 1dec69c436bd031de1e7a26fed75e919458b90ad /src/main/java/eu/siacs/conversations/xmpp | |
parent | 1e607d7b1b0accf03d0e170fe67d418dac7c2114 (diff) |
Remove legacy SSL support
Diffstat (limited to '')
-rw-r--r-- | src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java | 26 |
1 files changed, 11 insertions, 15 deletions
diff --git a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java index 6424b1d5..c16ac32b 100644 --- a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java +++ b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java @@ -507,23 +507,19 @@ public class XmppConnection implements Runnable { } final String[] supportProtocols; - if (enableLegacySSL()) { - supportProtocols = sslSocket.getSupportedProtocols(); - } else { - final Collection<String> supportedProtocols = new LinkedList<>( - Arrays.asList(sslSocket.getSupportedProtocols())); - supportedProtocols.remove("SSLv3"); - supportProtocols = new String[supportedProtocols.size()]; - supportedProtocols.toArray(supportProtocols); - - final String[] cipherSuites = CryptoHelper.getSupportedCipherSuites( - sslSocket.getSupportedCipherSuites()); - if (cipherSuites.length > 0) { - sslSocket.setEnabledCipherSuites(cipherSuites); - } - } + final Collection<String> supportedProtocols = new LinkedList<>( + Arrays.asList(sslSocket.getSupportedProtocols())); + supportedProtocols.remove("SSLv3"); + supportProtocols = supportedProtocols.toArray(new String[supportedProtocols.size()]); + sslSocket.setEnabledProtocols(supportProtocols); + final String[] cipherSuites = CryptoHelper.getSupportedCipherSuites( + sslSocket.getSupportedCipherSuites()); + if (cipherSuites.length > 0) { + sslSocket.setEnabledCipherSuites(cipherSuites); + } + if (!verifier.verify(account.getServer().getDomainpart(),sslSocket.getSession())) { Log.d(Config.LOGTAG,account.getJid().toBareJid()+": TLS certificate verification failed"); disconnect(true); |