use TLSv1.2 as SSL context on supported plattforms
This commit is contained in:
parent
1d572c61d0
commit
7dd9545ea3
|
@ -23,6 +23,7 @@ import eu.siacs.conversations.entities.Message;
|
||||||
import eu.siacs.conversations.services.AbstractConnectionManager;
|
import eu.siacs.conversations.services.AbstractConnectionManager;
|
||||||
import eu.siacs.conversations.services.XmppConnectionService;
|
import eu.siacs.conversations.services.XmppConnectionService;
|
||||||
import eu.siacs.conversations.utils.CryptoHelper;
|
import eu.siacs.conversations.utils.CryptoHelper;
|
||||||
|
import eu.siacs.conversations.utils.SSLSocketHelper;
|
||||||
|
|
||||||
public class HttpConnectionManager extends AbstractConnectionManager {
|
public class HttpConnectionManager extends AbstractConnectionManager {
|
||||||
|
|
||||||
|
@ -76,7 +77,7 @@ public class HttpConnectionManager extends AbstractConnectionManager {
|
||||||
new StrictHostnameVerifier());
|
new StrictHostnameVerifier());
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
final SSLContext sc = SSLContext.getInstance("TLS");
|
final SSLContext sc = SSLSocketHelper.getSSLContext();
|
||||||
sc.init(null, new X509TrustManager[]{trustManager},
|
sc.init(null, new X509TrustManager[]{trustManager},
|
||||||
mXmppConnectionService.getRNG());
|
mXmppConnectionService.getRNG());
|
||||||
|
|
||||||
|
|
|
@ -1,11 +1,14 @@
|
||||||
package eu.siacs.conversations.utils;
|
package eu.siacs.conversations.utils;
|
||||||
|
|
||||||
|
import android.os.Build;
|
||||||
|
|
||||||
import java.lang.reflect.Method;
|
import java.lang.reflect.Method;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.LinkedList;
|
import java.util.LinkedList;
|
||||||
|
|
||||||
|
import javax.net.ssl.SSLContext;
|
||||||
import javax.net.ssl.SSLSocket;
|
import javax.net.ssl.SSLSocket;
|
||||||
import javax.net.ssl.SSLSocketFactory;
|
import javax.net.ssl.SSLSocketFactory;
|
||||||
|
|
||||||
|
@ -59,4 +62,12 @@ public class SSLSocketHelper {
|
||||||
// ignore any error, we just can't set the alpn protocol...
|
// ignore any error, we just can't set the alpn protocol...
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static SSLContext getSSLContext() throws NoSuchAlgorithmException {
|
||||||
|
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) {
|
||||||
|
return SSLContext.getInstance("TLSv1.2");
|
||||||
|
} else {
|
||||||
|
return SSLContext.getInstance("TLS");
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -408,7 +408,7 @@ public class XmppConnection implements Runnable {
|
||||||
}
|
}
|
||||||
|
|
||||||
private TlsFactoryVerifier getTlsFactoryVerifier() throws NoSuchAlgorithmException, KeyManagementException, IOException {
|
private TlsFactoryVerifier getTlsFactoryVerifier() throws NoSuchAlgorithmException, KeyManagementException, IOException {
|
||||||
final SSLContext sc = SSLContext.getInstance("TLS");
|
final SSLContext sc = SSLSocketHelper.getSSLContext();
|
||||||
MemorizingTrustManager trustManager = this.mXmppConnectionService.getMemorizingTrustManager();
|
MemorizingTrustManager trustManager = this.mXmppConnectionService.getMemorizingTrustManager();
|
||||||
KeyManager[] keyManager;
|
KeyManager[] keyManager;
|
||||||
if (account.getPrivateKeyAlias() != null && account.getPassword().isEmpty()) {
|
if (account.getPrivateKeyAlias() != null && account.getPassword().isEmpty()) {
|
||||||
|
|
Loading…
Reference in a new issue