From 222db63123d1621f7612e1f2dbc5713381e7e982 Mon Sep 17 00:00:00 2001
From: Stephen Paul Weber <singpolyma@singpolyma.net>
Date: Wed, 8 Nov 2023 13:06:26 -0500
Subject: [PATCH] Catch and log anything coming out of DANE

---
 .../services/MemorizingTrustManager.java            | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/main/java/eu/siacs/conversations/services/MemorizingTrustManager.java b/src/main/java/eu/siacs/conversations/services/MemorizingTrustManager.java
index f1db311981b0592ca282c89483fad10067ddd397..b58f02cdfd16d5c2b53cdabc92dc6eccadc8aa63 100644
--- a/src/main/java/eu/siacs/conversations/services/MemorizingTrustManager.java
+++ b/src/main/java/eu/siacs/conversations/services/MemorizingTrustManager.java
@@ -372,9 +372,16 @@ public class MemorizingTrustManager {
             LOGGER.log(Level.FINE, "checkCertTrusted: trying appTrustManager");
             if (isServer) {
                 if (verifiedHostname != null) {
-                    if (daneVerifier.verifyCertificateChain(chain, verifiedHostname, port)) {
-                        if (daneCb != null) daneCb.accept(true);
-                        return;
+                    try {
+                        if (daneVerifier.verifyCertificateChain(chain, verifiedHostname, port)) {
+                            if (daneCb != null) daneCb.accept(true);
+                            return;
+                        }
+                    } catch (final CertificateException e) {
+                        Log.d(Config.LOGTAG, "checkCertTrusted DANE failure: " + e);
+                        throw e;
+                    } catch (final Exception e) {
+                        Log.d(Config.LOGTAG, "checkCertTrusted DANE related failure: " + e);
                     }
                 }
                 appTrustManager.checkServerTrusted(chain, authType);