Mastodon
/
Twidere-App-Android-Twitter-Mastodon
mirror of https://github.com/TwidereProject/Twidere-Android
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #783 from fmauNeko/develop 

Fix ECC being crippled on Android 7.0
This commit is contained in:
Mariotaku 2017-04-23 10:24:30 -05:00 committed by GitHub
parent ae6df32777 b4317b8864
commit fc4626f948
1 changed files with 41 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
twidere/src/main/kotlin/org/mariotaku/twidere/util/HttpClientFactory.kt
View File

@ -16,6 +16,14 @@ import java.io.IOException
import java.net.InetSocketAddress import java.net.InetSocketAddress
import java.net.Proxy import java.net.Proxy
import java.util.concurrent.TimeUnit import java.util.concurrent.TimeUnit
import okhttp3.ConnectionSpec
import java.util.ArrayList
import android.util.Log
import java.security.NoSuchAlgorithmException
import javax.net.ssl.SSLContext
import android.os.Build
/** /**
@ -33,9 +41,33 @@ object HttpClientFactory {
fun initOkHttpClient(conf: HttpClientConfiguration, builder: OkHttpClient.Builder, dns: Dns, fun initOkHttpClient(conf: HttpClientConfiguration, builder: OkHttpClient.Builder, dns: Dns,
connectionPool: ConnectionPool, cache: Cache) { connectionPool: ConnectionPool, cache: Cache) {
updateHttpClientConfiguration(builder, conf, dns, connectionPool, cache) updateHttpClientConfiguration(builder, conf, dns, connectionPool, cache)
updateTLSConnectionSpecs(builder)
DebugModeUtils.initForOkHttpClient(builder) DebugModeUtils.initForOkHttpClient(builder)
} }
internal fun nougatECCFix(specList: ArrayList<ConnectionSpec>) {
// Shamelessly stolen from Tusky
if (Build.VERSION.SDK_INT != Build.VERSION_CODES.N) {
return
}
val sslContext: SSLContext
try {
sslContext = SSLContext.getInstance("TLS")
} catch (e: NoSuchAlgorithmException) {
Log.e("HttpClientFactory", "Failed obtaining TLS Context.")
return
}
sslContext.init(null, null, null)
val cipherSuites = sslContext.socketFactory.defaultCipherSuites
val allowedList = cipherSuites.filterNotTo(ArrayList<String>()) { it.contains("ECDH") }
val spec = ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.cipherSuites(*allowedList.toTypedArray())
.supportsTlsExtensions(true)
.build()
specList.add(spec)
}
internal fun updateHttpClientConfiguration(builder: OkHttpClient.Builder, conf: HttpClientConfiguration, internal fun updateHttpClientConfiguration(builder: OkHttpClient.Builder, conf: HttpClientConfiguration,
dns: Dns, connectionPool: ConnectionPool, cache: Cache) { dns: Dns, connectionPool: ConnectionPool, cache: Cache) {
conf.applyTo(builder) conf.applyTo(builder)
@ -44,6 +76,15 @@ object HttpClientFactory {
builder.cache(cache) builder.cache(cache)
} }
internal fun updateTLSConnectionSpecs(builder: OkHttpClient.Builder) {
//Default spec list from OkHttpClient.DEFAULT_CONNECTION_SPECS
var specList: ArrayList<ConnectionSpec> = ArrayList()
specList.add(ConnectionSpec.MODERN_TLS)
nougatECCFix(specList)
specList.add(ConnectionSpec.CLEARTEXT)
builder.connectionSpecs(specList)
}
class HttpClientConfiguration(val prefs: SharedPreferences) { class HttpClientConfiguration(val prefs: SharedPreferences) {
var readTimeoutSecs: Long = -1 var readTimeoutSecs: Long = -1