- Jul 23, 2017
-
-
Daniel Gultsch authored
this undos 8a729061. as it turns out 4.1 and 4.0 only break when checking if a cert is self signed.
-
- Jul 17, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
- Jul 16, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
The self signed certificates created by OpenFire (Not sure if other certs are affected as well) will crash the Java/Android TLS stack when accessing getSubjectAlternativeNames() on the the peer certificate. This usually goes unnoticed in other applications since the DefaultHostnameVerifier checkes the CN first. That however is a violation of RFC6125 section 6.4.4 which requires us to check for the existence of SAN first. This commit adds a work around where in self signed certificates we check for the CN first as well. (Avoiding the call to getSubjectAlternativeNames())
-
- Jul 14, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
- Jul 13, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
- Jul 12, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
- Jul 11, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
- Jul 10, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
this allows us to prefer ipv4
-
- Jul 09, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
- Jul 05, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
- Jul 04, 2017
-
-
Daniel Gultsch authored
-
- Jul 03, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
- Jul 01, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
- Jun 30, 2017
-
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-
Daniel Gultsch authored
-