mirror of
https://github.com/moparisthebest/k-9
synced 2024-11-23 18:02:15 -05:00
Use TrustedSocketFactory for STARTTLS.
The TrustedSocketFactory, which provides goodies like better cipher suites and TLSv1.2, was only being used for tunnelled connections. Use it for STARTTLS connections as well.
This commit is contained in:
parent
d4246a0976
commit
1bfb78ee51
@ -2504,8 +2504,8 @@ public class ImapStore extends Store {
|
|||||||
sslContext.init(null, new TrustManager[] {
|
sslContext.init(null, new TrustManager[] {
|
||||||
TrustManagerFactory.get(mSettings.getHost(), secure)
|
TrustManagerFactory.get(mSettings.getHost(), secure)
|
||||||
}, new SecureRandom());
|
}, new SecureRandom());
|
||||||
mSocket = sslContext.getSocketFactory().createSocket(mSocket, mSettings.getHost(), mSettings.getPort(),
|
mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket,
|
||||||
true);
|
mSettings.getHost(), mSettings.getPort(), true);
|
||||||
mSocket.setSoTimeout(Store.SOCKET_READ_TIMEOUT);
|
mSocket.setSoTimeout(Store.SOCKET_READ_TIMEOUT);
|
||||||
mIn = new PeekableInputStream(new BufferedInputStream(mSocket
|
mIn = new PeekableInputStream(new BufferedInputStream(mSocket
|
||||||
.getInputStream(), 1024));
|
.getInputStream(), 1024));
|
||||||
|
@ -359,8 +359,8 @@ public class Pop3Store extends Store {
|
|||||||
sslContext.init(null, new TrustManager[] {
|
sslContext.init(null, new TrustManager[] {
|
||||||
TrustManagerFactory.get(mHost, secure)
|
TrustManagerFactory.get(mHost, secure)
|
||||||
}, new SecureRandom());
|
}, new SecureRandom());
|
||||||
mSocket = sslContext.getSocketFactory().createSocket(mSocket, mHost, mPort,
|
mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, mHost,
|
||||||
true);
|
mPort, true);
|
||||||
mSocket.setSoTimeout(Store.SOCKET_READ_TIMEOUT);
|
mSocket.setSoTimeout(Store.SOCKET_READ_TIMEOUT);
|
||||||
mIn = new BufferedInputStream(mSocket.getInputStream(), 1024);
|
mIn = new BufferedInputStream(mSocket.getInputStream(), 1024);
|
||||||
mOut = new BufferedOutputStream(mSocket.getOutputStream(), 512);
|
mOut = new BufferedOutputStream(mSocket.getOutputStream(), 512);
|
||||||
|
@ -85,6 +85,14 @@ public class TrustedSocketFactory {
|
|||||||
return socket;
|
return socket;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static Socket createSocket(SSLContext sslContext, Socket s, String host, int port,
|
||||||
|
boolean autoClose) throws IOException {
|
||||||
|
SSLSocket socket = (SSLSocket) sslContext.getSocketFactory().createSocket(s, host, port, autoClose);
|
||||||
|
hardenSocket(socket);
|
||||||
|
|
||||||
|
return socket;
|
||||||
|
}
|
||||||
|
|
||||||
private static void hardenSocket(SSLSocket sock) {
|
private static void hardenSocket(SSLSocket sock) {
|
||||||
if (ENABLED_CIPHERS != null) {
|
if (ENABLED_CIPHERS != null) {
|
||||||
sock.setEnabledCipherSuites(ENABLED_CIPHERS);
|
sock.setEnabledCipherSuites(ENABLED_CIPHERS);
|
||||||
|
@ -304,8 +304,8 @@ public class SmtpTransport extends Transport {
|
|||||||
sslContext.init(null, new TrustManager[] {
|
sslContext.init(null, new TrustManager[] {
|
||||||
TrustManagerFactory.get(mHost, secure)
|
TrustManagerFactory.get(mHost, secure)
|
||||||
}, new SecureRandom());
|
}, new SecureRandom());
|
||||||
mSocket = sslContext.getSocketFactory().createSocket(mSocket, mHost, mPort,
|
mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, mHost,
|
||||||
true);
|
mPort, true);
|
||||||
mIn = new PeekableInputStream(new BufferedInputStream(mSocket.getInputStream(),
|
mIn = new PeekableInputStream(new BufferedInputStream(mSocket.getInputStream(),
|
||||||
1024));
|
1024));
|
||||||
mOut = mSocket.getOutputStream();
|
mOut = mSocket.getOutputStream();
|
||||||
|
Loading…
Reference in New Issue
Block a user