ssl shit

1 files changed, 62 insertions, 8 deletions

diff --git a/src/eu/siacs/conversations/xmpp/XmppConnection.java b/src/eu/siacs/conversations/xmpp/XmppConnection.java
index 9da0cbf2..c5aa1d7d 100644
--- a/src/eu/siacs/conversations/xmpp/XmppConnection.java
+++ b/src/eu/siacs/conversations/xmpp/XmppConnection.java
@@ -6,14 +6,26 @@ import java.io.OutputStream;
 import java.math.BigInteger;
 import java.net.Socket;
 import java.net.UnknownHostException;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.security.cert.CertPathValidatorException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.X509Certificate;
 import java.util.HashSet;
 import java.util.Hashtable;
 import java.util.List;
 
+import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocket;
 import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
 
 import org.xmlpull.v1.XmlPullParserException;
 
@@ -270,11 +282,51 @@ public class XmppConnection implements Runnable {
 			IOException {
 		Tag nextTag = tagReader.readTag(); // should be proceed end tag
 		Log.d(LOGTAG, account.getJid() + ": now switch to ssl");
-		SSLSocket sslSocket;
 		try {
-			sslSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory
-					.getDefault()).createSocket(socket, socket.getInetAddress()
-					.getHostAddress(), socket.getPort(), true);
+			SSLContext sc = SSLContext.getInstance("TLS");
+			TrustManagerFactory tmf = TrustManagerFactory
+					.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+			// Initialise the TMF as you normally would, for example:
+			// tmf.in
+			try {
+				tmf.init((KeyStore) null);
+			} catch (KeyStoreException e1) {
+				// TODO Auto-generated catch block
+				e1.printStackTrace();
+			}
+
+			TrustManager[] trustManagers = tmf.getTrustManagers();
+			final X509TrustManager origTrustmanager = (X509TrustManager) trustManagers[0];
+
+			TrustManager[] wrappedTrustManagers = new TrustManager[] { new X509TrustManager() {
+
+				@Override
+				public void checkClientTrusted(X509Certificate[] chain,
+						String authType) throws CertificateException {
+					origTrustmanager.checkClientTrusted(chain, authType);
+				}
+
+				@Override
+				public void checkServerTrusted(X509Certificate[] chain,
+						String authType) throws CertificateException {
+					try {
+						origTrustmanager.checkServerTrusted(chain, authType);
+					} catch (CertificateException e) {
+						Log.d(LOGTAG,"cert exeption");
+					}
+				}
+
+				@Override
+				public X509Certificate[] getAcceptedIssuers() {
+					return origTrustmanager.getAcceptedIssuers();
+				}
+
+			} };
+			sc.init(null, wrappedTrustManagers, null);
+			SSLSocketFactory factory = sc.getSocketFactory();
+			SSLSocket sslSocket = (SSLSocket) factory.createSocket(socket,
+					socket.getInetAddress().getHostAddress(), socket.getPort(),
+					true);
 			tagReader.setInputStream(sslSocket.getInputStream());
 			Log.d(LOGTAG, "reset inputstream");
 			tagWriter.setOutputStream(sslSocket.getOutputStream());
@@ -283,10 +335,12 @@ public class XmppConnection implements Runnable {
 			sendStartStream();
 			processStream(tagReader.readTag());
 			sslSocket.close();
-		} catch (IOException e) {
-			Log.d(LOGTAG,
-					account.getJid() + ": error on ssl '" + e.getMessage()
-							+ "'");
+		} catch (NoSuchAlgorithmException e1) {
+			// TODO Auto-generated catch block
+			e1.printStackTrace();
+		} catch (KeyManagementException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
 		}
 	}