use TLSv1.2 as SSL context on supported plattforms
This commit is contained in:
parent
1d572c61d0
commit
7dd9545ea3
|
@ -23,6 +23,7 @@ import eu.siacs.conversations.entities.Message;
|
|||
import eu.siacs.conversations.services.AbstractConnectionManager;
|
||||
import eu.siacs.conversations.services.XmppConnectionService;
|
||||
import eu.siacs.conversations.utils.CryptoHelper;
|
||||
import eu.siacs.conversations.utils.SSLSocketHelper;
|
||||
|
||||
public class HttpConnectionManager extends AbstractConnectionManager {
|
||||
|
||||
|
@ -76,7 +77,7 @@ public class HttpConnectionManager extends AbstractConnectionManager {
|
|||
new StrictHostnameVerifier());
|
||||
}
|
||||
try {
|
||||
final SSLContext sc = SSLContext.getInstance("TLS");
|
||||
final SSLContext sc = SSLSocketHelper.getSSLContext();
|
||||
sc.init(null, new X509TrustManager[]{trustManager},
|
||||
mXmppConnectionService.getRNG());
|
||||
|
||||
|
|
|
@ -1,11 +1,14 @@
|
|||
package eu.siacs.conversations.utils;
|
||||
|
||||
import android.os.Build;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.LinkedList;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSocket;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
|
||||
|
@ -59,4 +62,12 @@ public class SSLSocketHelper {
|
|||
// ignore any error, we just can't set the alpn protocol...
|
||||
}
|
||||
}
|
||||
|
||||
public static SSLContext getSSLContext() throws NoSuchAlgorithmException {
|
||||
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) {
|
||||
return SSLContext.getInstance("TLSv1.2");
|
||||
} else {
|
||||
return SSLContext.getInstance("TLS");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -408,7 +408,7 @@ public class XmppConnection implements Runnable {
|
|||
}
|
||||
|
||||
private TlsFactoryVerifier getTlsFactoryVerifier() throws NoSuchAlgorithmException, KeyManagementException, IOException {
|
||||
final SSLContext sc = SSLContext.getInstance("TLS");
|
||||
final SSLContext sc = SSLSocketHelper.getSSLContext();
|
||||
MemorizingTrustManager trustManager = this.mXmppConnectionService.getMemorizingTrustManager();
|
||||
KeyManager[] keyManager;
|
||||
if (account.getPrivateKeyAlias() != null && account.getPassword().isEmpty()) {
|
||||
|
|
Loading…
Reference in a new issue