diff options
author | Nick Hudson <nick.hudson@isode.com> | 2013-09-19 16:01:13 (GMT) |
---|---|---|
committer | Nick Hudson <nick.hudson@isode.com> | 2013-09-23 14:11:18 (GMT) |
commit | 716cf1b389b4f88bad61e56587575b6f97ee57ca (patch) | |
tree | 26acb7dc8f9a88c5d440a3bc7e94089be4d080cf /src/com | |
parent | 67a850e665a17c77afce52597aec004e0c1aa8ea (diff) | |
download | stroke-716cf1b389b4f88bad61e56587575b6f97ee57ca.zip stroke-716cf1b389b4f88bad61e56587575b6f97ee57ca.tar.bz2 |
Don't crash if server doesn't send cert in TLS handshake
If a TLS connection results in the server choosing an anonymous cipher
suite, then no server certificate will be returned by the server.
This ought not to happen, since XMPP clients are expected only to
propose non-anonymous cipher suites, but it could be that a client is
coded to propose anonymous suites, or that a bug in the server means
that it fails to return a server certificate.
This change updates the ServerIdentityVerifier to make it resilient
against these situations, treating this situation as equivalent to
"certificate presented by server does not verify".
Test-information:
In my testing, I was deliberately using anonymous ciphers and getting
Stroke crashes. After this patch, I don't get Stroke crashes any more
(but the connection fails because the certificate verification fails).
Change-Id: Ia7b9b8dad7a054ff266a78ef33a56157320654c8
Diffstat (limited to 'src/com')
-rw-r--r-- | src/com/isode/stroke/tls/ServerIdentityVerifier.java | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/com/isode/stroke/tls/ServerIdentityVerifier.java b/src/com/isode/stroke/tls/ServerIdentityVerifier.java index 3dcd855..20caae8 100644 --- a/src/com/isode/stroke/tls/ServerIdentityVerifier.java +++ b/src/com/isode/stroke/tls/ServerIdentityVerifier.java @@ -21,6 +21,9 @@ public class ServerIdentityVerifier { } public boolean certificateVerifies(Certificate certificate) { + if (certificate==null) { + return false; + } boolean hasSAN = false; // DNS names |