Merge pull request #904 from SamWhited/remove-ssl

Remove legacy SSL support
This commit is contained in:
Daniel Gultsch 2015-01-19 17:15:57 +01:00
commit ea37fb9ffa
12 changed files with 11 additions and 29 deletions

1
.gitignore vendored
View file

@ -36,3 +36,4 @@ proguard/
.idea
import-summary.txt
.navigation/

View file

@ -507,23 +507,19 @@ public class XmppConnection implements Runnable {
}
final String[] supportProtocols;
if (enableLegacySSL()) {
supportProtocols = sslSocket.getSupportedProtocols();
} else {
final Collection<String> supportedProtocols = new LinkedList<>(
Arrays.asList(sslSocket.getSupportedProtocols()));
supportedProtocols.remove("SSLv3");
supportProtocols = new String[supportedProtocols.size()];
supportedProtocols.toArray(supportProtocols);
final Collection<String> supportedProtocols = new LinkedList<>(
Arrays.asList(sslSocket.getSupportedProtocols()));
supportedProtocols.remove("SSLv3");
supportProtocols = supportedProtocols.toArray(new String[supportedProtocols.size()]);
final String[] cipherSuites = CryptoHelper.getSupportedCipherSuites(
sslSocket.getSupportedCipherSuites());
if (cipherSuites.length > 0) {
sslSocket.setEnabledCipherSuites(cipherSuites);
}
}
sslSocket.setEnabledProtocols(supportProtocols);
final String[] cipherSuites = CryptoHelper.getSupportedCipherSuites(
sslSocket.getSupportedCipherSuites());
if (cipherSuites.length > 0) {
sslSocket.setEnabledCipherSuites(cipherSuites);
}
if (!verifier.verify(account.getServer().getDomainpart(),sslSocket.getSession())) {
Log.d(Config.LOGTAG,account.getJid().toBareJid()+": TLS certificate verification failed");
disconnect(true);

View file

@ -267,7 +267,6 @@
<string name="pref_force_encryption_summary">Vždy zasílat šifrované zprávy (mimo konference)</string>
<string name="pref_dont_save_encrypted">Neukládat šifrované zprávy</string>
<string name="pref_dont_save_encrypted_summary">Varování: Toto může vést ke ztrátě zpráv</string>
<string name="pref_enable_legacy_ssl">Povolit zastaralé SSL</string>
<string name="pref_expert_options">Expertní nastavení</string>
<string name="pref_expert_options_summary">S tímto zacházejte velmi opatrně</string>
<string name="title_activity_about">O aplikaci Conversations</string>

View file

@ -267,7 +267,6 @@
<string name="pref_force_encryption_summary">Nachrichten immer verschlüsseln (außer für Konferenzen)</string>
<string name="pref_dont_save_encrypted">Verschlüsselte Nachrichten nicht speichern</string>
<string name="pref_dont_save_encrypted_summary">Achtung: kann zu Nachrichtenverlust führen</string>
<string name="pref_enable_legacy_ssl">Alte SSL-Version aktivieren</string>
<string name="pref_expert_options">Einstellungen für Experten</string>
<string name="pref_expert_options_summary">Hier bitte vorsichtig sein</string>
<string name="title_activity_about">Über Conversations</string>

View file

@ -267,7 +267,6 @@
<string name="pref_force_encryption_summary">Siempre enviar mensajes cifrados (excepto para conversaciones en grupo)</string>
<string name="pref_dont_save_encrypted">No guardar mensajes cifrados</string>
<string name="pref_dont_save_encrypted_summary">Aviso: Esto podría llevar a pérdida de mensajes</string>
<string name="pref_enable_legacy_ssl">Habilitar SSL heredado</string>
<string name="pref_expert_options">Ajustes avanzados</string>
<string name="pref_expert_options_summary">Por favor, cuidado con estas opciones</string>
<string name="title_activity_about">Acerca de Conversations</string>

View file

@ -267,7 +267,6 @@
<string name="pref_force_encryption_summary">Mezuak beti enkriptatuta bidali (konferentzietan izan ezik)</string>
<string name="pref_dont_save_encrypted">Ez gorde enkriptatutako mezuak</string>
<string name="pref_dont_save_encrypted_summary">Adi: Honek mezuen galera ekar lezake</string>
<string name="pref_enable_legacy_ssl">Oinordetutako SSL gaitu</string>
<string name="pref_expert_options">Adituentzako aukerak</string>
<string name="pref_expert_options_summary">Mesedez kontuz ibili hauekin</string>
<string name="title_activity_about">Conversationsi buruz</string>

View file

@ -267,7 +267,6 @@
<string name="pref_force_encryption_summary">Toujours envoyer des messages chiffrés (sauf pour les conférences)</string>
<string name="pref_dont_save_encrypted">Ne pas sauvegarder les messages chiffrés</string>
<string name="pref_dont_save_encrypted_summary">Attention: Celà peut mener à une perte de messages</string>
<string name="pref_enable_legacy_ssl">Activer SSL hérité</string>
<string name="pref_expert_options">Options avancées</string>
<string name="pref_expert_options_summary">A utiliser avec précautions</string>
<string name="title_activity_about">Sur Conversations</string>

View file

@ -267,7 +267,6 @@
<string name="pref_force_encryption_summary">Manda sempre messaggi cifrati (ad eccezione delle conferenze)</string>
<string name="pref_dont_save_encrypted">Non salvare i messaggi cifrati</string>
<string name="pref_dont_save_encrypted_summary">Attenzione: Questo potrebbe comportare la perdita di messaggi</string>
<string name="pref_enable_legacy_ssl">Abilita il vecchio SSL</string>
<string name="pref_expert_options">Opzioni da Esperto</string>
<string name="pref_expert_options_summary">Fai attenzione con queste impostazioni</string>
<string name="title_activity_about">Info su Conversations</string>

View file

@ -267,7 +267,6 @@
<string name="pref_force_encryption_summary">Stuur berichten altijd versleuteld (behalve in groepsgesprekken)</string>
<string name="pref_dont_save_encrypted">Sla versleutelde berichten niet op</string>
<string name="pref_dont_save_encrypted_summary"><b>Waarschuwing:</b> Dit kan leiden tot verlies van berichten</string>
<string name="pref_enable_legacy_ssl">Sta legacy SSL toe</string>
<string name="pref_expert_options">Expert-instellingen</string>
<string name="pref_expert_options_summary">Wees voorzichtig met deze instellingen</string>
<string name="title_activity_about">Over Conversations</string>

View file

@ -267,7 +267,6 @@
<string name="pref_force_encryption_summary">Sänd alltid krypterade meddelanden (utom för konferenser)</string>
<string name="pref_dont_save_encrypted">Spara in krypterade meddelanden</string>
<string name="pref_dont_save_encrypted_summary">Varning: Detta kan leda till att meddelanden förloras</string>
<string name="pref_enable_legacy_ssl">Aktivera förlegad SSL</string>
<string name="pref_expert_options">Expertinställningar</string>
<string name="pref_expert_options_summary">Var försiktig med dem</string>
<string name="title_activity_about">Om Conversations</string>

View file

@ -269,8 +269,6 @@
<string name="pref_force_encryption_summary">Always send messages encrypted (except for conferences)</string>
<string name="pref_dont_save_encrypted">Dont save encrypted messages</string>
<string name="pref_dont_save_encrypted_summary">Warning: This could lead to message loss</string>
<string name="pref_enable_legacy_ssl">Enable legacy SSL</string>
<string name="pref_enable_legacy_ssl_summary">Enables legacy SSLv3 support and insecure SSL ciphers.</string>
<string name="pref_expert_options">Expert options</string>
<string name="pref_expert_options_summary">Please be careful with these</string>
<string name="title_activity_about">About Conversations</string>

View file

@ -116,11 +116,6 @@
android:key="dont_save_encrypted"
android:summary="@string/pref_dont_save_encrypted_summary"
android:title="@string/pref_dont_save_encrypted" />
<CheckBoxPreference
android:defaultValue="false"
android:key="enable_legacy_ssl"
android:summary="@string/pref_enable_legacy_ssl_summary"
android:title="@string/pref_enable_legacy_ssl" />
</PreferenceCategory>
<PreferenceCategory android:title="@string/pref_input_options">
<CheckBoxPreference