packages/moxxmpp/analysis_options.yaml

@@ -1 +1 @@
-include: ../../analysis_options.yaml
+include: ../analysis_options.yaml

packages/moxxmpp_socket_tcp/analysis_options.yaml

@@ -1,4 +1,4 @@
-include: ../../analysis_options.yaml
+include: ../analysis_options.yaml
 
 analyzer:
   exclude:

packages/moxxmpp_socket_tcp/lib/src/socket.dart

@@ -49,13 +49,12 @@ class TCPSocketWrapper extends BaseSocketWrapper {
   Future<List<MoxSrvRecord>> srvQuery(String domain, bool dnssec) async {
     return <MoxSrvRecord>[];
   }
-
-  /// Called when we encounter a certificate we cannot verify. [certificate] refers to the certificate
-  /// in question, while [domain] refers to the domain we try to validate the certificate against.
-  ///
-  /// Return true if the certificate should be accepted. Return false if it should be rejected.
-  @visibleForOverriding
-  bool onBadCertificate(dynamic certificate, String domain) {
+  
+  bool _onBadCertificate(dynamic certificate, String domain) {
+    _log.fine('Bad certificate: ${certificate.toString()}');
+    //final isExpired = certificate.endValidity.isAfter(DateTime.now());
+    // TODO(Unknown): Either validate the certificate ourselves or use a platform native
+    //                hostname verifier (or Dart adds it themselves)
     return false;
   }
   
@@ -84,7 +83,7 @@ class TCPSocketWrapper extends BaseSocketWrapper {
           sock,
           host: domain,
           supportedProtocols: const [ xmppClientALPNId ],
-          onBadCertificate: (cert) => onBadCertificate(cert, domain),
+          onBadCertificate: (cert) => _onBadCertificate(cert, domain),
         );
 
         _ignoreSocketClosure = false;
@@ -176,7 +175,7 @@ class TCPSocketWrapper extends BaseSocketWrapper {
       _socket = await SecureSocket.secure(
         _socket!,
         supportedProtocols: const [ xmppClientALPNId ],
-        onBadCertificate: (cert) => onBadCertificate(cert, domain),
+        onBadCertificate: (cert) => _onBadCertificate(cert, domain),
       );
 
       _secure = true;