moparisthebest/k-9
1
0
Fork 0
mirror of https://github.com/moparisthebest/k-9 synced 2024-11-27 11:42:16 -05:00
Code Issues Releases Wiki Activity

Re-enable TLSv1.1/1.2 support

Browse Source 
Was disabled in 3fd7470d.

Issue 6238.

Related Android change for API 20:
1f63d2c223%5E!/
This commit is contained in:
Joe Steele 2014-09-10 11:34:37 -04:00
parent a10b9ae452
commit 0f6719387c
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/com/fsck/k9/net/ssl/TrustedSocketFactory.java
View File

@ -74,7 +74,7 @@ public class TrustedSocketFactory {
static {
String[] enabledCiphers = null;
String[] enabledProtocols = null;
String[] supportedProtocols = null;
try {
SSLContext sslContext = SSLContext.getInstance("TLS");
@ -82,7 +82,13 @@ public class TrustedSocketFactory {
SSLSocketFactory sf = sslContext.getSocketFactory();
SSLSocket sock = (SSLSocket) sf.createSocket();
enabledCiphers = sock.getEnabledCipherSuites();
enabledProtocols = sock.getEnabledProtocols();
/*
* Retrieve all supported protocols, not just the (default) enabled
* ones. TLSv1.1 & TLSv1.2 are supported on API levels 16+, but are
* only enabled by default on API levels 20+.
*/
supportedProtocols = sock.getSupportedProtocols();
} catch (Exception e) {
Log.e(K9.LOG_TAG, "Error getting information about available SSL/TLS ciphers and " +
"protocols", e);
@ -91,8 +97,8 @@ public class TrustedSocketFactory {
ENABLED_CIPHERS = (enabledCiphers == null) ? null :
reorder(enabledCiphers, ORDERED_KNOWN_CIPHERS, BLACKLISTED_CIPHERS);
ENABLED_PROTOCOLS = (enabledProtocols == null) ? null :
reorder(enabledProtocols, ORDERED_KNOWN_PROTOCOLS, null);
ENABLED_PROTOCOLS = (supportedProtocols == null) ? null :
reorder(supportedProtocols, ORDERED_KNOWN_PROTOCOLS, null);
}
protected static String[] reorder(String[] enabled, String[] known, String[] blacklisted) {