hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "bitfire (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HTTPCLIENT-1591) SNI doesn't work in Android port for non-proxied connections
Date Sun, 28 Dec 2014 16:04:13 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14259667#comment-14259667

bitfire commented on HTTPCLIENT-1591:

I'll see if I can create one. However, I'm sure that 

        final SSLSocket sslsock = (SSLSocket) this.socketfactory.createSocket(

[already does a handshake](http://grepcode.com/file/repository.grepcode.com/java/ext/com.google.android/android/4.2_r1/android/net/SSLCertificateSocketFactory.java#SSLCertificateSocketFactory.createSocket%28java.net.Socket%2Cjava.lang.String%2Cint%2Cboolean%29),
when socketfactory is an android.net.SSLCertificateSocketFactory.

It calls SSLCertificateSocketFactory::verifyHostname (unless mSecure is false, which is only
the case when the factory is created with getInsecure()), and verifyHostname calls startHandshake().

I have played around with this and the only way to get SNI with proxied connections working
is by using the generic SSLSocketFactory interface, see here: https://github.com/bitfireAT/davdroid/blob/897ede75821cf8028c46e16a10368053bb32070e/app/src/main/java/at/bitfire/davdroid/webdav/TlsSniSocketFactory.java

> SNI doesn't work in Android port for non-proxied connections
> ------------------------------------------------------------
>                 Key: HTTPCLIENT-1591
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1591
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpConn
>    Affects Versions:
>            Reporter: bitfire
> #document

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message