Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix Java-WebSocket problem on Android below 24 #808

Merged
merged 5 commits into from
Jun 22, 2022
Merged
Changes from 4 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 32 additions & 2 deletions lib/src/main/java/io/ably/lib/transport/WebSocketTransport.java
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,10 @@
import java.util.Timer;
import java.util.TimerTask;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;

import org.java_websocket.client.WebSocketClient;
import org.java_websocket.exceptions.WebsocketNotConnectedException;
Expand Down Expand Up @@ -147,8 +150,28 @@ class WsClient extends WebSocketClient {
@Override
public void onOpen(ServerHandshake handshakedata) {
Log.d(TAG, "onOpen()");
connectListener.onTransportAvailable(WebSocketTransport.this);
flagActivity();
if (isHostnameVerified(params.host)) {
connectListener.onTransportAvailable(WebSocketTransport.this);
flagActivity();
} else {
close();
KacperKluka marked this conversation as resolved.
Show resolved Hide resolved
}
}

/**
* Added because we had to override the onSetSSLParameters() that usually performs this verification.
* When the minSdkVersion will be updated to 24 we should remove this method and its usages.
* https://github.com/TooTallNate/Java-WebSocket/wiki/No-such-method-error-setEndpointIdentificationAlgorithm#workaround
*/
private boolean isHostnameVerified(String hostname) {
final SSLSession session = getSSLSession();
if (HttpsURLConnection.getDefaultHostnameVerifier().verify(hostname, session)) {
Log.v(TAG, "Successfully verified hostname");
return true;
} else {
Log.e(TAG, "Hostname verification failed, expected " + hostname + ", found " + session.getPeerHost());
return false;
}
}

@Override
Expand Down Expand Up @@ -234,6 +257,13 @@ public void onError(final Exception e) {
connectListener.onTransportUnavailable(WebSocketTransport.this, new ErrorInfo(e.getMessage(), 503, 80000));
}

@Override
protected void onSetSSLParameters(SSLParameters sslParameters) {
QuintinWillison marked this conversation as resolved.
Show resolved Hide resolved
// Overriding without calling the setEndpointIdentificationAlgorithm() to solve an issue on Android below 24.
// When the minSdkVersion will be updated to 24 we should remove this empty method.
// https://github.com/TooTallNate/Java-WebSocket/wiki/No-such-method-error-setEndpointIdentificationAlgorithm#workaround
}

private synchronized void dispose() {
/* dispose timer */
try {
Expand Down