|
|
@ -94,7 +94,7 @@ public class TcpOverTlsTransport extends TcpTransport { |
|
|
|
|
|
|
|
|
protected void startHandshake(SSLSocket sslSocket) throws IOException { |
|
|
protected void startHandshake(SSLSocket sslSocket) throws IOException { |
|
|
sslSocket.addHandshakeCompletedListener(event -> { |
|
|
sslSocket.addHandshakeCompletedListener(event -> { |
|
|
if(Storage.getCertificateFile(server.getHost()) == null) { |
|
|
if(shouldSaveCertificate()) { |
|
|
try { |
|
|
try { |
|
|
Certificate[] certs = event.getPeerCertificates(); |
|
|
Certificate[] certs = event.getPeerCertificates(); |
|
|
if(certs.length > 0) { |
|
|
if(certs.length > 0) { |
|
|
@ -108,4 +108,13 @@ public class TcpOverTlsTransport extends TcpTransport { |
|
|
|
|
|
|
|
|
sslSocket.startHandshake(); |
|
|
sslSocket.startHandshake(); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
protected boolean shouldSaveCertificate() { |
|
|
|
|
|
//Avoid saving the certificates for blockstream.info public servers - they change too often and encourage approval complacency
|
|
|
|
|
|
if(PublicElectrumServer.BLOCKSTREAM_INFO.getName().equals(server.getHost()) || PublicElectrumServer.ELECTRUM_BLOCKSTREAM_INFO.getName().equals(server.getHost())) { |
|
|
|
|
|
return false; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
return Storage.getCertificateFile(server.getHost()) == null; |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
|
Craig Raw
3 years ago