Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for SNI on SSL connections #7

Open
kampka opened this issue Sep 21, 2012 · 0 comments
Open

Add support for SNI on SSL connections #7

kampka opened this issue Sep 21, 2012 · 0 comments
Labels

Comments

@kampka
Copy link

kampka commented Sep 21, 2012

Connecting to SSL secured hosts that require SNI (Server Name Indication) support is currently not possible without accepting all certificates, which is of course undesirable. It would be nice if ZAX would support SNI so proper hostname based TLS negotiation can be performed.

I've done some research and found a couple of resources indicating that SNI is possible on Android.

http://source-android.frandroid.com/libcore/luni/src/main/java/libcore/net/http/HttpsURLConnectionImpl.java

http://source-android.frandroid.com/libcore/luni/src/main/java/libcore/net/http/HttpConnection.java

http://source-android.frandroid.com/libcore/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java

There is an setHostname() method in OpenSSLSocketImpl that if called
causes NativeCrypto.SSL_set_tlsext_host_name() to be called. That in
turn calls SSL_set_tlsext_host_name().

Hopefully, this is helpful.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant