arno/etesync-android
1
0
Fork 0
mirror of https://github.com/etesync/android synced 2024-11-15 12:28:57 +00:00
Code Issues Releases Wiki Activity

Enable all supported TLS protocols (enables TLSv1.1/1.2 if supported by Android version on device, see #229)

Browse Source
This commit is contained in:
rfc2822 2014-04-06 17:44:04 +02:00
parent 0965c8d3a3
commit f69f449b44
2 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/at/bitfire/davdroid/syncadapter/SyncManager.java
View File

@ -83,8 +83,6 @@ public class SyncManager {
}
}
try { Thread.sleep(2000); } catch (InterruptedException e) { }
// PHASE 3: pull remote changes from server
syncResult.stats.numInserts = pullNew(remotelyAdded.toArray(new Resource[0]));
syncResult.stats.numUpdates = pullChanged(remotelyUpdated.toArray(new Resource[0]));

13
src/at/bitfire/davdroid/webdav/TlsSniSocketFactory.java
View File

@ -29,13 +29,12 @@ import ch.boye.httpclientandroidlib.conn.socket.LayeredConnectionSocketFactory;
import ch.boye.httpclientandroidlib.conn.ssl.BrowserCompatHostnameVerifier;
import ch.boye.httpclientandroidlib.protocol.HttpContext;
@TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR1)
public class TlsSniSocketFactory implements LayeredConnectionSocketFactory {
private static final String TAG = "davdroid.SNISocketFactory";
final static TlsSniSocketFactory INSTANCE = new TlsSniSocketFactory();
private final static SSLCertificateSocketFactory sslSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0);
private final static SSLCertificateSocketFactory sslSocketFactory = (SSLCertificateSocketFactory)SSLCertificateSocketFactory.getDefault(0);
private final static HostnameVerifier hostnameVerifier = new BrowserCompatHostnameVerifier();
@ -44,6 +43,7 @@ public class TlsSniSocketFactory implements LayeredConnectionSocketFactory {
return sslSocketFactory.createSocket();
}
@TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR1)
@Override
public Socket connectSocket(int timeout, Socket socket, HttpHost host, InetSocketAddress remoteAddr, InetSocketAddress localAddr, HttpContext context) throws IOException {
// we'll rather create a new socket
@ -52,11 +52,14 @@ public class TlsSniSocketFactory implements LayeredConnectionSocketFactory {
// create and connect SSL socket, but don't do hostname/certificate verification yet
SSLSocket ssl = (SSLSocket)sslSocketFactory.createSocket(remoteAddr.getAddress(), host.getPort());
// set up SNI before the handshake
// set reasonable SSL/TLS settings before the handshake:
// - enable all supported protocols (enables TLSv1.1 and TLSv1.2 on Android <4.4.3, if available)
ssl.setEnabledProtocols(ssl.getSupportedProtocols());
// - set SNI host name
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) {
// Android 4.2+, use documented way to set SNI host name
Log.d(TAG, "Setting SNI hostname");
sslSocketFactory.setHostname(ssl, host.getHostName());
// TODO sslSocketFactory.setUseSessionTickets(ssl, true);
} else {
Log.d(TAG, "No documented SNI support on Android <4.2, trying with reflection");
try {