Conversations/src
Daniel Gultsch 8afe7efc2c workaround for OpenFire: check CN first in self signed certs
The self signed certificates created by OpenFire (Not sure if other
certs are affected as well) will crash the Java/Android TLS stack when
accessing getSubjectAlternativeNames() on the the peer certificate.

This usually goes unnoticed in other applications since the
DefaultHostnameVerifier checkes the CN first. That however is a
violation of RFC6125 section 6.4.4 which requires us to check for the
existence of SAN first.

This commit adds a work around where in self signed certificates we
check for the CN first as well. (Avoiding the call to
getSubjectAlternativeNames())
2017-07-16 11:05:25 +02:00
..
free/java/eu/siacs/conversations/services show doze warning when push is running on prosody 2017-01-12 23:22:02 +01:00
main workaround for OpenFire: check CN first in self signed certs 2017-07-16 11:05:25 +02:00
playstore migrate domain and host exemption into seperate class 2017-02-19 13:05:40 +01:00