From a63a91fa542f145d7e66df3712d95d5161997240 Mon Sep 17 00:00:00 2001
From: "brian m. carlson" <sandals@crustytoothpaste.net>
Date: Sat, 23 May 2015 21:32:22 +0000
Subject: [PATCH 1/2] Support GCM cipher suites.

---
 .../com/fsck/k9/mail/ssl/DefaultTrustedSocketFactory.java   | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/k9mail-library/src/main/java/com/fsck/k9/mail/ssl/DefaultTrustedSocketFactory.java b/k9mail-library/src/main/java/com/fsck/k9/mail/ssl/DefaultTrustedSocketFactory.java
index 3c9fe800f..06a37f325 100644
--- a/k9mail-library/src/main/java/com/fsck/k9/mail/ssl/DefaultTrustedSocketFactory.java
+++ b/k9mail-library/src/main/java/com/fsck/k9/mail/ssl/DefaultTrustedSocketFactory.java
@@ -32,6 +32,12 @@ public class DefaultTrustedSocketFactory implements TrustedSocketFactory {
 
     // Order taken from OpenSSL 1.0.1c
     protected static final String ORDERED_KNOWN_CIPHERS[] = {
+            "TLS_ECDHE_RSA_AES_256_GCM_SHA384",
+            "TLS_ECDHE_ECDSA_AES_256_GCM_SHA384",
+            "TLS_ECDHE_RSA_AES_128_GCM_SHA256",
+            "TLS_ECDHE_ECDSA_AES_128_GCM_SHA256",
+            "TLS_DHE_RSA_AES_256_GCM_SHA384",
+            "TLS_DHE_RSA_AES_128_GCM_SHA256",
             "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
             "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
             "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",

From 4fb12ff12b4514cb11a975f7b495b7bbc1284c3d Mon Sep 17 00:00:00 2001
From: cketti <cketti@gmail.com>
Date: Mon, 25 May 2015 18:12:18 +0200
Subject: [PATCH 2/2] Fix cipher suite names

---
 .../k9/mail/ssl/DefaultTrustedSocketFactory.java    | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/k9mail-library/src/main/java/com/fsck/k9/mail/ssl/DefaultTrustedSocketFactory.java b/k9mail-library/src/main/java/com/fsck/k9/mail/ssl/DefaultTrustedSocketFactory.java
index 06a37f325..62ae2ed70 100644
--- a/k9mail-library/src/main/java/com/fsck/k9/mail/ssl/DefaultTrustedSocketFactory.java
+++ b/k9mail-library/src/main/java/com/fsck/k9/mail/ssl/DefaultTrustedSocketFactory.java
@@ -30,14 +30,13 @@ public class DefaultTrustedSocketFactory implements TrustedSocketFactory {
     protected static final String ENABLED_CIPHERS[];
     protected static final String ENABLED_PROTOCOLS[];
 
-    // Order taken from OpenSSL 1.0.1c
     protected static final String ORDERED_KNOWN_CIPHERS[] = {
-            "TLS_ECDHE_RSA_AES_256_GCM_SHA384",
-            "TLS_ECDHE_ECDSA_AES_256_GCM_SHA384",
-            "TLS_ECDHE_RSA_AES_128_GCM_SHA256",
-            "TLS_ECDHE_ECDSA_AES_128_GCM_SHA256",
-            "TLS_DHE_RSA_AES_256_GCM_SHA384",
-            "TLS_DHE_RSA_AES_128_GCM_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
             "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
             "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
             "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",