email: start handshake before hostname verification

Start handshake prior to hostname verification to ensure exceptions do not get silenced

Change-Id: Ide60753663d82d63b0f410b985447b7b26efd8f1
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
This commit is contained in:
Jorge Ruesga 2014-12-17 01:04:27 +01:00 committed by Steve Kondik
parent 761a860cee
commit a7d1b42409

View File

@ -335,6 +335,10 @@ public class SSLSocketFactory implements LayeredSocketFactory {
// Set Server Name Indication if is available for this socket // Set Server Name Indication if is available for this socket
setSocketHostname(sslsock, host); setSocketHostname(sslsock, host);
// Start handshake prior to hostname verification to ensure
// handshake exceptions do not get silenced by hostname verification.
sslsock.startHandshake();
try { try {
hostnameVerifier.verify(host, sslsock); hostnameVerifier.verify(host, sslsock);
// verifyHostName() didn't blowup - good! // verifyHostName() didn't blowup - good!
@ -402,6 +406,10 @@ public class SSLSocketFactory implements LayeredSocketFactory {
// Set Server Name Indication if it's available for this socket // Set Server Name Indication if it's available for this socket
setSocketHostname(sslSocket, host); setSocketHostname(sslSocket, host);
// Start handshake prior to hostname verification to ensure
// handshake exceptions do not get silenced by hostname verification.
sslSocket.startHandshake();
hostnameVerifier.verify(host, sslSocket); hostnameVerifier.verify(host, sslSocket);
// verifyHostName() didn't blowup - good! // verifyHostName() didn't blowup - good!
return sslSocket; return sslSocket;