aboutsummaryrefslogtreecommitdiffstats
path: root/src/eu/siacs
diff options
context:
space:
mode:
authorDaniel Gultsch <daniel@gultsch.de>2014-03-06 20:03:35 +0100
committerDaniel Gultsch <daniel@gultsch.de>2014-03-06 20:03:35 +0100
commit3e52daf5e1e77662adc4a782d1b37c9a51fce13b (patch)
tree3ea6909918924f64450e6a2eadde604dd6652173 /src/eu/siacs
parentc666b086d6be3d993b0b9c52a6aab916cd6942ab (diff)
ssl shit
Diffstat (limited to 'src/eu/siacs')
-rw-r--r--src/eu/siacs/conversations/services/XmppConnectionService.java1
-rw-r--r--src/eu/siacs/conversations/xmpp/XmppConnection.java70
2 files changed, 63 insertions, 8 deletions
diff --git a/src/eu/siacs/conversations/services/XmppConnectionService.java b/src/eu/siacs/conversations/services/XmppConnectionService.java
index 3ba5c5e3..716b3edc 100644
--- a/src/eu/siacs/conversations/services/XmppConnectionService.java
+++ b/src/eu/siacs/conversations/services/XmppConnectionService.java
@@ -490,6 +490,7 @@ public class XmppConnectionService extends Service {
x.setContent(this.getPgpEngine().encrypt(keyId,
message.getBody()));
packet.addChild(x);
+ Log.d(LOGTAG,"pgp message"+packet.toString());
account.getXmppConnection().sendMessagePacket(packet);
message.setStatus(Message.STATUS_SEND);
message.setEncryption(Message.ENCRYPTION_DECRYPTED);
diff --git a/src/eu/siacs/conversations/xmpp/XmppConnection.java b/src/eu/siacs/conversations/xmpp/XmppConnection.java
index 9da0cbf2..c5aa1d7d 100644
--- a/src/eu/siacs/conversations/xmpp/XmppConnection.java
+++ b/src/eu/siacs/conversations/xmpp/XmppConnection.java
@@ -6,14 +6,26 @@ import java.io.OutputStream;
import java.math.BigInteger;
import java.net.Socket;
import java.net.UnknownHostException;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertPathValidatorException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.List;
+import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
import org.xmlpull.v1.XmlPullParserException;
@@ -270,11 +282,51 @@ public class XmppConnection implements Runnable {
IOException {
Tag nextTag = tagReader.readTag(); // should be proceed end tag
Log.d(LOGTAG, account.getJid() + ": now switch to ssl");
- SSLSocket sslSocket;
try {
- sslSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory
- .getDefault()).createSocket(socket, socket.getInetAddress()
- .getHostAddress(), socket.getPort(), true);
+ SSLContext sc = SSLContext.getInstance("TLS");
+ TrustManagerFactory tmf = TrustManagerFactory
+ .getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ // Initialise the TMF as you normally would, for example:
+ // tmf.in
+ try {
+ tmf.init((KeyStore) null);
+ } catch (KeyStoreException e1) {
+ // TODO Auto-generated catch block
+ e1.printStackTrace();
+ }
+
+ TrustManager[] trustManagers = tmf.getTrustManagers();
+ final X509TrustManager origTrustmanager = (X509TrustManager) trustManagers[0];
+
+ TrustManager[] wrappedTrustManagers = new TrustManager[] { new X509TrustManager() {
+
+ @Override
+ public void checkClientTrusted(X509Certificate[] chain,
+ String authType) throws CertificateException {
+ origTrustmanager.checkClientTrusted(chain, authType);
+ }
+
+ @Override
+ public void checkServerTrusted(X509Certificate[] chain,
+ String authType) throws CertificateException {
+ try {
+ origTrustmanager.checkServerTrusted(chain, authType);
+ } catch (CertificateException e) {
+ Log.d(LOGTAG,"cert exeption");
+ }
+ }
+
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ return origTrustmanager.getAcceptedIssuers();
+ }
+
+ } };
+ sc.init(null, wrappedTrustManagers, null);
+ SSLSocketFactory factory = sc.getSocketFactory();
+ SSLSocket sslSocket = (SSLSocket) factory.createSocket(socket,
+ socket.getInetAddress().getHostAddress(), socket.getPort(),
+ true);
tagReader.setInputStream(sslSocket.getInputStream());
Log.d(LOGTAG, "reset inputstream");
tagWriter.setOutputStream(sslSocket.getOutputStream());
@@ -283,10 +335,12 @@ public class XmppConnection implements Runnable {
sendStartStream();
processStream(tagReader.readTag());
sslSocket.close();
- } catch (IOException e) {
- Log.d(LOGTAG,
- account.getJid() + ": error on ssl '" + e.getMessage()
- + "'");
+ } catch (NoSuchAlgorithmException e1) {
+ // TODO Auto-generated catch block
+ e1.printStackTrace();
+ } catch (KeyManagementException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
}
}