From 17cec63c14e15d1a78d124f718a4b51e4f4debd1 Mon Sep 17 00:00:00 2001 From: Sam Whited Date: Sat, 15 Nov 2014 11:40:41 -0500 Subject: Set security error status on TLS cert mismatch --- .../java/eu/siacs/conversations/xmpp/XmppConnection.java | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'src/main/java/eu') diff --git a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java index 3c911fc9..7b59c812 100644 --- a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java +++ b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java @@ -593,12 +593,13 @@ public class XmppConnection implements Runnable { } sslSocket.setEnabledProtocols(supportProtocols); - if (verifier != null - && !verifier.verify(account.getServer().getDomainpart(), - sslSocket.getSession())) { - sslSocket.close(); - throw new IOException("host mismatch in TLS connection"); - } + if (verifier != null + && !verifier.verify(account.getServer().getDomainpart(), + sslSocket.getSession())) { + account.setStatus(Account.State.SECURITY_ERROR); + sslSocket.close(); + throw new IOException("Host mismatch in TLS connection"); + } tagReader.setInputStream(sslSocket.getInputStream()); tagWriter.setOutputStream(sslSocket.getOutputStream()); sendStartStream(); -- cgit v1.2.3