Make hostname verification compatible with Android API 24 and 25

Author: SgtSilvio

src/main/java/com/hivemq/client/internal/mqtt/handler/ssl/MqttSslInitializer.java

@@ -41,6 +41,7 @@
 public final class MqttSslInitializer {
 
     private static final @NotNull String SSL_HANDLER_NAME = "ssl";
+    private static final @NotNull String ENDPOINT_IDENTIFICATION_ALGORITHM = "HTTPS";
 
     public static void initChannel(
             final @NotNull Channel channel,
@@ -76,15 +77,23 @@ Netty treats Android (all versions) as Java 6, so SSLParameters.setEndpointIdent
         if (hostnameVerifier == null) {
             final SSLParameters sslParameters = sslHandler.engine().getSSLParameters();
             try {
-                sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
+                sslParameters.setEndpointIdentificationAlgorithm(ENDPOINT_IDENTIFICATION_ALGORITHM);
+                sslHandler.engine().setSSLParameters(sslParameters);
+                if (!ENDPOINT_IDENTIFICATION_ALGORITHM.equals(
+                        sslHandler.engine().getSSLParameters().getEndpointIdentificationAlgorithm())) {
+                    /*
+                    On Android API 24 and 25 SSLParameters.setEndpointIdentificationAlgorithm is available but the call is ignored
+                    The HttpsURLConnection.getDefaultHostnameVerifier performs HTTPS hostname verification on Android
+                     */
+                    hostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
+                }
             } catch (final NoSuchMethodError e) {
                 /*
                 On Android API < 24 SSLParameters.setEndpointIdentificationAlgorithm is not available
                 The HttpsURLConnection.getDefaultHostnameVerifier performs HTTPS hostname verification on Android
                  */
                 hostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
             }
-            sslHandler.engine().setSSLParameters(sslParameters);
         }
 
         final MqttSslAdapterHandler sslAdapterHandler =
@@ -102,7 +111,8 @@ Netty treats Android (all versions) as Java 6, so SSLParameters.setEndpointIdent
                 .keyManager(sslConfig.getRawKeyManagerFactory())
                 .protocols((protocols == null) ? null : protocols.toArray(new String[0]))
                 .ciphers(sslConfig.getRawCipherSuites(), SupportedCipherSuiteFilter.INSTANCE)
-                .endpointIdentificationAlgorithm((sslConfig.getRawHostnameVerifier() == null) ? "HTTPS" : null)
+                .endpointIdentificationAlgorithm(
+                        (sslConfig.getRawHostnameVerifier() == null) ? ENDPOINT_IDENTIFICATION_ALGORITHM : null)
                 .build();
     }