From 0f6719387c9615e8420e5724b9580299f23a2ef8 Mon Sep 17 00:00:00 2001
From: Joe Steele <joe@madewell.net>
Date: Wed, 10 Sep 2014 11:34:37 -0400
Subject: [PATCH] Re-enable TLSv1.1/1.2 support

Was disabled in 3fd7470d.

Issue 6238.

Related Android change for API 20:
https://android.googlesource.com/platform/external/conscrypt/+/1f63d2c22326b989105366d2907a83b848dcd29e%5E!/
---
 src/com/fsck/k9/net/ssl/TrustedSocketFactory.java | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/com/fsck/k9/net/ssl/TrustedSocketFactory.java b/src/com/fsck/k9/net/ssl/TrustedSocketFactory.java
index 7d2438cda..a4949fa17 100644
--- a/src/com/fsck/k9/net/ssl/TrustedSocketFactory.java
+++ b/src/com/fsck/k9/net/ssl/TrustedSocketFactory.java
@@ -74,7 +74,7 @@ public class TrustedSocketFactory {
 
     static {
         String[] enabledCiphers = null;
-        String[] enabledProtocols = null;
+        String[] supportedProtocols = null;
 
         try {
             SSLContext sslContext = SSLContext.getInstance("TLS");
@@ -82,7 +82,13 @@ public class TrustedSocketFactory {
             SSLSocketFactory sf = sslContext.getSocketFactory();
             SSLSocket sock = (SSLSocket) sf.createSocket();
             enabledCiphers = sock.getEnabledCipherSuites();
-            enabledProtocols = sock.getEnabledProtocols();
+
+            /*
+             * Retrieve all supported protocols, not just the (default) enabled
+             * ones. TLSv1.1 & TLSv1.2 are supported on API levels 16+, but are
+             * only enabled by default on API levels 20+.
+             */
+            supportedProtocols = sock.getSupportedProtocols();
         } catch (Exception e) {
             Log.e(K9.LOG_TAG, "Error getting information about available SSL/TLS ciphers and " +
                     "protocols", e);
@@ -91,8 +97,8 @@ public class TrustedSocketFactory {
         ENABLED_CIPHERS = (enabledCiphers == null) ? null :
                 reorder(enabledCiphers, ORDERED_KNOWN_CIPHERS, BLACKLISTED_CIPHERS);
 
-        ENABLED_PROTOCOLS = (enabledProtocols == null) ? null :
-            reorder(enabledProtocols, ORDERED_KNOWN_PROTOCOLS, null);
+        ENABLED_PROTOCOLS = (supportedProtocols == null) ? null :
+            reorder(supportedProtocols, ORDERED_KNOWN_PROTOCOLS, null);
     }
 
     protected static String[] reorder(String[] enabled, String[] known, String[] blacklisted) {