From f10d6a7b0bc797544856d8f7339fafe98ff581e8 Mon Sep 17 00:00:00 2001
From: Moxie Marlinspike <moxie@thoughtcrime.org>
Date: Mon, 18 Nov 2013 13:50:35 -0800
Subject: [PATCH] Lets use strict wildcard matching.

---
 .../org/whispersystems/textsecure/push/PushServiceSocket.java  | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/library/src/org/whispersystems/textsecure/push/PushServiceSocket.java b/library/src/org/whispersystems/textsecure/push/PushServiceSocket.java
index cb42d19aee..85ba93d30e 100644
--- a/library/src/org/whispersystems/textsecure/push/PushServiceSocket.java
+++ b/library/src/org/whispersystems/textsecure/push/PushServiceSocket.java
@@ -6,6 +6,7 @@ import android.util.Pair;
 
 import com.google.thoughtcrimegson.Gson;
 
+import org.apache.http.conn.ssl.StrictHostnameVerifier;
 import org.whispersystems.textsecure.R;
 import org.whispersystems.textsecure.Release;
 import org.whispersystems.textsecure.crypto.IdentityKey;
@@ -32,6 +33,7 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.Set;
 
+import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManagerFactory;
@@ -341,6 +343,7 @@ public class PushServiceSocket {
 
       if (Release.ENFORCE_SSL) {
         ((HttpsURLConnection)connection).setSSLSocketFactory(context.getSocketFactory());
+        ((HttpsURLConnection)connection).setHostnameVerifier(new StrictHostnameVerifier());
       }
 
       connection.setRequestMethod(method);