email: start handshake before hostname verification
Start handshake prior to hostname verification to ensure exceptions do not get silenced Change-Id: Ide60753663d82d63b0f410b985447b7b26efd8f1 Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
This commit is contained in:
parent
761a860cee
commit
a7d1b42409
@ -335,6 +335,10 @@ public class SSLSocketFactory implements LayeredSocketFactory {
|
|||||||
// Set Server Name Indication if is available for this socket
|
// Set Server Name Indication if is available for this socket
|
||||||
setSocketHostname(sslsock, host);
|
setSocketHostname(sslsock, host);
|
||||||
|
|
||||||
|
// Start handshake prior to hostname verification to ensure
|
||||||
|
// handshake exceptions do not get silenced by hostname verification.
|
||||||
|
sslsock.startHandshake();
|
||||||
|
|
||||||
try {
|
try {
|
||||||
hostnameVerifier.verify(host, sslsock);
|
hostnameVerifier.verify(host, sslsock);
|
||||||
// verifyHostName() didn't blowup - good!
|
// verifyHostName() didn't blowup - good!
|
||||||
@ -402,6 +406,10 @@ public class SSLSocketFactory implements LayeredSocketFactory {
|
|||||||
// Set Server Name Indication if it's available for this socket
|
// Set Server Name Indication if it's available for this socket
|
||||||
setSocketHostname(sslSocket, host);
|
setSocketHostname(sslSocket, host);
|
||||||
|
|
||||||
|
// Start handshake prior to hostname verification to ensure
|
||||||
|
// handshake exceptions do not get silenced by hostname verification.
|
||||||
|
sslSocket.startHandshake();
|
||||||
|
|
||||||
hostnameVerifier.verify(host, sslSocket);
|
hostnameVerifier.verify(host, sslSocket);
|
||||||
// verifyHostName() didn't blowup - good!
|
// verifyHostName() didn't blowup - good!
|
||||||
return sslSocket;
|
return sslSocket;
|
||||||
|
Loading…
Reference in New Issue
Block a user