1
0
mirror of https://github.com/moparisthebest/k-9 synced 2024-11-23 18:02:15 -05:00

Use TrustedSocketFactory for STARTTLS.

The TrustedSocketFactory, which provides goodies like better cipher suites and
TLSv1.2, was only being used for tunnelled connections.  Use it for STARTTLS
connections as well.
This commit is contained in:
brian m. carlson 2013-11-10 00:25:10 +00:00
parent d4246a0976
commit 1bfb78ee51
4 changed files with 14 additions and 6 deletions

View File

@ -2504,8 +2504,8 @@ public class ImapStore extends Store {
sslContext.init(null, new TrustManager[] { sslContext.init(null, new TrustManager[] {
TrustManagerFactory.get(mSettings.getHost(), secure) TrustManagerFactory.get(mSettings.getHost(), secure)
}, new SecureRandom()); }, new SecureRandom());
mSocket = sslContext.getSocketFactory().createSocket(mSocket, mSettings.getHost(), mSettings.getPort(), mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket,
true); mSettings.getHost(), mSettings.getPort(), true);
mSocket.setSoTimeout(Store.SOCKET_READ_TIMEOUT); mSocket.setSoTimeout(Store.SOCKET_READ_TIMEOUT);
mIn = new PeekableInputStream(new BufferedInputStream(mSocket mIn = new PeekableInputStream(new BufferedInputStream(mSocket
.getInputStream(), 1024)); .getInputStream(), 1024));

View File

@ -359,8 +359,8 @@ public class Pop3Store extends Store {
sslContext.init(null, new TrustManager[] { sslContext.init(null, new TrustManager[] {
TrustManagerFactory.get(mHost, secure) TrustManagerFactory.get(mHost, secure)
}, new SecureRandom()); }, new SecureRandom());
mSocket = sslContext.getSocketFactory().createSocket(mSocket, mHost, mPort, mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, mHost,
true); mPort, true);
mSocket.setSoTimeout(Store.SOCKET_READ_TIMEOUT); mSocket.setSoTimeout(Store.SOCKET_READ_TIMEOUT);
mIn = new BufferedInputStream(mSocket.getInputStream(), 1024); mIn = new BufferedInputStream(mSocket.getInputStream(), 1024);
mOut = new BufferedOutputStream(mSocket.getOutputStream(), 512); mOut = new BufferedOutputStream(mSocket.getOutputStream(), 512);

View File

@ -85,6 +85,14 @@ public class TrustedSocketFactory {
return socket; return socket;
} }
public static Socket createSocket(SSLContext sslContext, Socket s, String host, int port,
boolean autoClose) throws IOException {
SSLSocket socket = (SSLSocket) sslContext.getSocketFactory().createSocket(s, host, port, autoClose);
hardenSocket(socket);
return socket;
}
private static void hardenSocket(SSLSocket sock) { private static void hardenSocket(SSLSocket sock) {
if (ENABLED_CIPHERS != null) { if (ENABLED_CIPHERS != null) {
sock.setEnabledCipherSuites(ENABLED_CIPHERS); sock.setEnabledCipherSuites(ENABLED_CIPHERS);

View File

@ -304,8 +304,8 @@ public class SmtpTransport extends Transport {
sslContext.init(null, new TrustManager[] { sslContext.init(null, new TrustManager[] {
TrustManagerFactory.get(mHost, secure) TrustManagerFactory.get(mHost, secure)
}, new SecureRandom()); }, new SecureRandom());
mSocket = sslContext.getSocketFactory().createSocket(mSocket, mHost, mPort, mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, mHost,
true); mPort, true);
mIn = new PeekableInputStream(new BufferedInputStream(mSocket.getInputStream(), mIn = new PeekableInputStream(new BufferedInputStream(mSocket.getInputStream(),
1024)); 1024));
mOut = mSocket.getOutputStream(); mOut = mSocket.getOutputStream();