GoogleCodeExporter
commented
9 years ago Issue 324 has been merged into this issue.Original comment by fschm...@gmail.com on 22 Apr 2013 at 7:47
Closed GoogleCodeExporter closed 9 years ago
GoogleCodeExporter
commented
9 years ago Issue 324 has been merged into this issue.Original comment by fschm...@gmail.com on 22 Apr 2013 at 7:47
GoogleCodeExporter
commented
9 years ago Could someone with more insight into the code please clarify what the
status-quo is?
I've seen in XmppManager that conf.setSelfSignedCertificateEnabled is not set,
so from the smack documentation I'm guessing this is off. However all the
conf.setVerify* options default to off, so - is every certificate accepted, as
long as it is not self-signed?
If so, would you accept a patch that simply adds a checkbox to the SSL
configuration "Verify certificate", which seems to be trivial to implement and
increases security by a lot for those with a valid cert?
Thanks.Original comment by eckho...@gmail.com on 3 Jun 2013 at 7:46
GoogleCodeExporter
commented
9 years ago It is very likely that the smack conf option alone is not enough. Smack needs
to be aware of Android's built-in TrustManager, which is IIRC not available on
every supported Android API level.
OTOH I know that it is possible to use Android's Cert store. There are open
source Android XMPP clients out there that use Smack and do so. I think yaxim
is one of them.
tl;dr: I don't think that the conf setting alone is enough, the patch will
likely become bigger. But feel free to experiment, test and propose a patch. I
sure will have a look.Original comment by fschm...@gmail.com on 3 Jun 2013 at 4:30
GoogleCodeExporter
commented
9 years ago Original comment by Florent....@gmail.com on 16 Aug 2014 at 4:27
GoogleCodeExporter
commented
9 years ago Released on Play Market as 5.0Original comment by Florent....@gmail.com on 25 Oct 2014 at 6:23
Original issue reported on code.google.com by
fschm...@gmail.comon 21 Mar 2013 at 2:21