diff options
Diffstat (limited to 'src/eu/siacs/conversations/xmpp/XmppConnection.java')
-rw-r--r-- | src/eu/siacs/conversations/xmpp/XmppConnection.java | 70 |
1 files changed, 62 insertions, 8 deletions
diff --git a/src/eu/siacs/conversations/xmpp/XmppConnection.java b/src/eu/siacs/conversations/xmpp/XmppConnection.java index 9da0cbf2..c5aa1d7d 100644 --- a/src/eu/siacs/conversations/xmpp/XmppConnection.java +++ b/src/eu/siacs/conversations/xmpp/XmppConnection.java @@ -6,14 +6,26 @@ import java.io.OutputStream; import java.math.BigInteger; import java.net.Socket; import java.net.UnknownHostException; +import java.security.KeyManagementException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.cert.CertPathValidatorException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateExpiredException; +import java.security.cert.X509Certificate; import java.util.HashSet; import java.util.Hashtable; import java.util.List; +import javax.net.ssl.ManagerFactoryParameters; +import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactory; +import javax.net.ssl.X509TrustManager; import org.xmlpull.v1.XmlPullParserException; @@ -270,11 +282,51 @@ public class XmppConnection implements Runnable { IOException { Tag nextTag = tagReader.readTag(); // should be proceed end tag Log.d(LOGTAG, account.getJid() + ": now switch to ssl"); - SSLSocket sslSocket; try { - sslSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory - .getDefault()).createSocket(socket, socket.getInetAddress() - .getHostAddress(), socket.getPort(), true); + SSLContext sc = SSLContext.getInstance("TLS"); + TrustManagerFactory tmf = TrustManagerFactory + .getInstance(TrustManagerFactory.getDefaultAlgorithm()); + // Initialise the TMF as you normally would, for example: + // tmf.in + try { + tmf.init((KeyStore) null); + } catch (KeyStoreException e1) { + // TODO Auto-generated catch block + e1.printStackTrace(); + } + + TrustManager[] trustManagers = tmf.getTrustManagers(); + final X509TrustManager origTrustmanager = (X509TrustManager) trustManagers[0]; + + TrustManager[] wrappedTrustManagers = new TrustManager[] { new X509TrustManager() { + + @Override + public void checkClientTrusted(X509Certificate[] chain, + String authType) throws CertificateException { + origTrustmanager.checkClientTrusted(chain, authType); + } + + @Override + public void checkServerTrusted(X509Certificate[] chain, + String authType) throws CertificateException { + try { + origTrustmanager.checkServerTrusted(chain, authType); + } catch (CertificateException e) { + Log.d(LOGTAG,"cert exeption"); + } + } + + @Override + public X509Certificate[] getAcceptedIssuers() { + return origTrustmanager.getAcceptedIssuers(); + } + + } }; + sc.init(null, wrappedTrustManagers, null); + SSLSocketFactory factory = sc.getSocketFactory(); + SSLSocket sslSocket = (SSLSocket) factory.createSocket(socket, + socket.getInetAddress().getHostAddress(), socket.getPort(), + true); tagReader.setInputStream(sslSocket.getInputStream()); Log.d(LOGTAG, "reset inputstream"); tagWriter.setOutputStream(sslSocket.getOutputStream()); @@ -283,10 +335,12 @@ public class XmppConnection implements Runnable { sendStartStream(); processStream(tagReader.readTag()); sslSocket.close(); - } catch (IOException e) { - Log.d(LOGTAG, - account.getJid() + ": error on ssl '" + e.getMessage() - + "'"); + } catch (NoSuchAlgorithmException e1) { + // TODO Auto-generated catch block + e1.printStackTrace(); + } catch (KeyManagementException e) { + // TODO Auto-generated catch block + e.printStackTrace(); } } |