|
|
|
@ -368,9 +368,12 @@ public class DnsHelper {
|
|
|
|
if (!hasDnsSec())
|
|
|
|
if (!hasDnsSec())
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
List<String> log = new ArrayList<>();
|
|
|
|
|
|
|
|
|
|
|
|
Handler handler = new Handler() {
|
|
|
|
Handler handler = new Handler() {
|
|
|
|
@Override
|
|
|
|
@Override
|
|
|
|
public void publish(LogRecord record) {
|
|
|
|
public void publish(LogRecord record) {
|
|
|
|
|
|
|
|
log.add(record.getMessage());
|
|
|
|
Log.w("DANE " + record.getMessage());
|
|
|
|
Log.w("DANE " + record.getMessage());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@ -390,7 +393,8 @@ public class DnsHelper {
|
|
|
|
boolean verified = new DaneVerifier().verifyCertificateChain(chain, server, port);
|
|
|
|
boolean verified = new DaneVerifier().verifyCertificateChain(chain, server, port);
|
|
|
|
Log.w("DANE verified=" + verified + " " + server + ":" + port);
|
|
|
|
Log.w("DANE verified=" + verified + " " + server + ":" + port);
|
|
|
|
if (!verified)
|
|
|
|
if (!verified)
|
|
|
|
throw new CertificateException("DANE missing or invalid");
|
|
|
|
throw new CertificateException("DANE missing or invalid",
|
|
|
|
|
|
|
|
new CertificateException(TextUtils.join("\n", log)));
|
|
|
|
} catch (CertificateException ex) {
|
|
|
|
} catch (CertificateException ex) {
|
|
|
|
throw ex;
|
|
|
|
throw ex;
|
|
|
|
} catch (Throwable ex) {
|
|
|
|
} catch (Throwable ex) {
|
|
|
|
|
M66B
5 months ago