From f5fd17ac6660f29776cb25ff51f35ae44f6088d9 Mon Sep 17 00:00:00 2001 From: Vavassor Date: Thu, 13 Apr 2017 16:01:15 -0400 Subject: [PATCH 1/2] Release 1.1.1 --- app/build.gradle | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/build.gradle b/app/build.gradle index 7ea77d4ba..c75457b9e 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -7,8 +7,8 @@ android { applicationId "com.keylesspalace.tusky" minSdkVersion 15 targetSdkVersion 25 - versionCode 13 - versionName "1.1.0" + versionCode 14 + versionName "1.1.1" testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner" vectorDrawables.useSupportLibrary true } From 18d5d0152c3adf32317890c8ad9f1e7f00971fb1 Mon Sep 17 00:00:00 2001 From: Vavassor Date: Thu, 13 Apr 2017 17:14:43 -0400 Subject: [PATCH 2/2] Release 1.1.2 --- app/build.gradle | 4 ++-- .../com/keylesspalace/tusky/OkHttpUtils.java | 23 +++++++++++++++---- 2 files changed, 20 insertions(+), 7 deletions(-) diff --git a/app/build.gradle b/app/build.gradle index c75457b9e..ebacc2234 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -7,8 +7,8 @@ android { applicationId "com.keylesspalace.tusky" minSdkVersion 15 targetSdkVersion 25 - versionCode 14 - versionName "1.1.1" + versionCode 15 + versionName "1.1.2" testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner" vectorDrawables.useSupportLibrary true } diff --git a/app/src/main/java/com/keylesspalace/tusky/OkHttpUtils.java b/app/src/main/java/com/keylesspalace/tusky/OkHttpUtils.java index 28d5f93e0..9c239c803 100644 --- a/app/src/main/java/com/keylesspalace/tusky/OkHttpUtils.java +++ b/app/src/main/java/com/keylesspalace/tusky/OkHttpUtils.java @@ -88,14 +88,27 @@ class OkHttpUtils { if (Build.VERSION.SDK_INT != Build.VERSION_CODES.N) { return; } - SSLContext sslContext; + SSLSocketFactory socketFactory; try { - sslContext = SSLContext.getInstance("TLS"); - } catch (NoSuchAlgorithmException e) { - Log.e(TAG, "Failed obtaining TLS Context."); + TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance( + TrustManagerFactory.getDefaultAlgorithm()); + trustManagerFactory.init((KeyStore) null); + TrustManager[] trustManagers = trustManagerFactory.getTrustManagers(); + if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) { + throw new IllegalStateException("Unexpected default trust managers:" + + Arrays.toString(trustManagers)); + } + + X509TrustManager trustManager = (X509TrustManager) trustManagers[0]; + + SSLContext sslContext = SSLContext.getInstance("TLS"); + sslContext.init(null, new TrustManager[] { trustManager }, null); + socketFactory = sslContext.getSocketFactory(); + } catch (NoSuchAlgorithmException|KeyStoreException|KeyManagementException e) { + Log.e(TAG, "Failed obtaining the SSL socket factory."); return; } - String[] cipherSuites = sslContext.getSocketFactory().getDefaultCipherSuites(); + String[] cipherSuites = socketFactory.getDefaultCipherSuites(); ArrayList allowedList = new ArrayList<>(); for (String suite : cipherSuites) { if (!suite.contains("ECDH")) {