From 77d43fb7bdb79c86fd7e6e41abc953c5b3a8c961 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A1s=20Veres-Szentkir=C3=A1lyi?= Date: Sun, 20 Oct 2013 10:30:33 +0200 Subject: [PATCH] extracted method filterBySupport --- .../mail/transport/TrustedSocketFactory.java | 62 ++++++++++--------- 1 file changed, 34 insertions(+), 28 deletions(-) diff --git a/src/com/fsck/k9/mail/transport/TrustedSocketFactory.java b/src/com/fsck/k9/mail/transport/TrustedSocketFactory.java index 9a4d3d585..f9ad359f9 100644 --- a/src/com/fsck/k9/mail/transport/TrustedSocketFactory.java +++ b/src/com/fsck/k9/mail/transport/TrustedSocketFactory.java @@ -25,43 +25,49 @@ public class TrustedSocketFactory implements LayeredSocketFactory { protected static final String ENABLED_CIPHERS[]; static { - List enabledCiphers = new ArrayList(); - try { - String preferredCiphers[] = { - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "TLS_RSA_WITH_AES_128_CBC_SHA", - "TLS_RSA_WITH_AES_256_CBC_SHA", - "SSL_RSA_WITH_3DES_EDE_CBC_SHA", - "SSL_RSA_WITH_RC4_128_SHA", - "SSL_RSA_WITH_RC4_128_MD5", - }; + String preferredCiphers[] = { + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", + "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "TLS_RSA_WITH_AES_128_CBC_SHA", + "TLS_RSA_WITH_AES_256_CBC_SHA", + "SSL_RSA_WITH_3DES_EDE_CBC_SHA", + "SSL_RSA_WITH_RC4_128_SHA", + "SSL_RSA_WITH_RC4_128_MD5", + }; + String[] supportedCiphers = null; + + try { SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, null, new SecureRandom()); SSLSocketFactory sf = sslContext.getSocketFactory(); - Set supportedCiphers = new HashSet(); - Collections.addAll(supportedCiphers, sf.getSupportedCipherSuites()); - - for (String preferredCipher : preferredCiphers) { - if (supportedCiphers.contains(preferredCipher)) { - enabledCiphers.add(preferredCipher); - } - } + supportedCiphers = sf.getSupportedCipherSuites(); } catch (KeyManagementException kme) { kme.printStackTrace(); } catch (NoSuchAlgorithmException nsae) { nsae.printStackTrace(); } - ENABLED_CIPHERS = enabledCiphers.isEmpty() ? null : - enabledCiphers.toArray(new String[enabledCiphers.size()]); + + ENABLED_CIPHERS = supportedCiphers == null ? null : + filterBySupport(preferredCiphers, supportedCiphers); + } + + protected static String[] filterBySupport(String[] preferred, String[] supported) { + List enabled = new ArrayList(); + Set available = new HashSet(); + Collections.addAll(available, supported); + + for (String item : preferred) { + if (available.contains(item)) enabled.add(item); + } + return enabled.toArray(new String[enabled.size()]); } protected static final String ENABLED_PROTOCOLS[] = {