From 217335703c7e30813c1d5054b25bf3cfdb37205e Mon Sep 17 00:00:00 2001
From: Daniel Gultsch <daniel@gultsch.de>
Date: Mon, 17 Jul 2017 21:11:15 +0200
Subject: [PATCH] fix regression introduces with OF fix. properly fall back to
 common name

---
 .../conversations/crypto/XmppDomainVerifier.java   | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/main/java/eu/siacs/conversations/crypto/XmppDomainVerifier.java b/src/main/java/eu/siacs/conversations/crypto/XmppDomainVerifier.java
index ba4e10160..d6a460881 100644
--- a/src/main/java/eu/siacs/conversations/crypto/XmppDomainVerifier.java
+++ b/src/main/java/eu/siacs/conversations/crypto/XmppDomainVerifier.java
@@ -30,8 +30,8 @@ public class XmppDomainVerifier implements DomainHostnameVerifier {
 
 	private static final String LOGTAG = "XmppDomainVerifier";
 
-	private final String SRVName = "1.3.6.1.5.5.7.8.7";
-	private final String xmppAddr = "1.3.6.1.5.5.7.8.5";
+	private static final String SRV_NAME = "1.3.6.1.5.5.7.8.7";
+	private static final String XMPP_ADDR = "1.3.6.1.5.5.7.8.5";
 
 	@Override
 	public boolean verify(String domain, String hostname, SSLSession sslSession) {
@@ -41,9 +41,9 @@ public class XmppDomainVerifier implements DomainHostnameVerifier {
 				return false;
 			}
 			X509Certificate certificate = (X509Certificate) chain[0];
+			final List<String> commonNames = getCommonNames(certificate);
 			if (isSelfSigned(certificate)) {
-				List<String> domains = getCommonNames(certificate);
-				if (domains.size() == 1 && domains.get(0).equals(domain)) {
+				if (commonNames.size() == 1 && commonNames.get(0).equals(domain)) {
 					Log.d(LOGTAG,"accepted CN in cert self signed cert for "+domain);
 					return true;
 				}
@@ -59,10 +59,10 @@ public class XmppDomainVerifier implements DomainHostnameVerifier {
 						Pair<String, String> otherName = parseOtherName((byte[]) san.get(1));
 						if (otherName != null) {
 							switch (otherName.first) {
-								case SRVName:
+								case SRV_NAME:
 									srvNames.add(otherName.second);
 									break;
-								case xmppAddr:
+								case XMPP_ADDR:
 									xmppAddrs.add(otherName.second);
 									break;
 								default:
@@ -78,7 +78,7 @@ public class XmppDomainVerifier implements DomainHostnameVerifier {
 				}
 			}
 			if (srvNames.size() == 0 && xmppAddrs.size() == 0 && domains.size() == 0) {
-				domains.addAll(domains);
+				domains.addAll(commonNames);
 			}
 			Log.d(LOGTAG, "searching for " + domain + " in srvNames: " + srvNames + " xmppAddrs: " + xmppAddrs + " domains:" + domains);
 			if (hostname != null) {