From 79e4287223f4f50cf8b1f587cf57f1b24fd70875 Mon Sep 17 00:00:00 2001 From: Schabi Date: Mon, 18 Jan 2021 11:05:55 +0100 Subject: [PATCH] clean up http client --- .../android/lib/common/http/HttpClient.java | 33 +++++++++---------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpClient.java b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpClient.java index 1e0e760f..3bf4ef2e 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpClient.java +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpClient.java @@ -74,35 +74,41 @@ public class HttpClient { try { final X509TrustManager trustManager = new AdvancedX509TrustManager( NetworkUtils.getKnownServersStore(sContext)); - final SSLSocketFactory sslSocketFactory = getNewSslSocketFactory(trustManager); + + + final SSLContext sslContext = buildSSLContext(); + sslContext.init(null, new TrustManager[]{trustManager}, null); + final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); + // Automatic cookie handling, NOT PERSISTENT final CookieJar cookieJar = new CookieJarImpl(mCookieStore); - - // TODO: Not verifying the hostname against certificate. ask owncloud security human if this is ok. - //.hostnameVerifier(new BrowserCompatHostnameVerifier()); mOkHttpClient = buildNewOkHttpClient(sslSocketFactory, trustManager, cookieJar); + } catch(NoSuchAlgorithmException nsae){ + Timber.e(nsae, "Could not setup SSL system."); + throw new RuntimeException("Could not setup okHttp client.", nsae); } catch (Exception e) { - Timber.e(e, "Could not setup SSL system."); + Timber.e(e, "Could not setup okHttp client."); + throw new RuntimeException("Could not setup okHttp client.", e); } } return mOkHttpClient; } - private static SSLContext getSslContext() throws NoSuchAlgorithmException { + private SSLContext buildSSLContext() throws NoSuchAlgorithmException { try { - return SSLContext.getInstance(TlsVersion.TLS_1_3.javaName()); + return SSLContext.getInstance("TLSv1.3"); } catch (NoSuchAlgorithmException tlsv13Exception) { try { Timber.w("TLSv1.3 is not supported in this device; falling through TLSv1.2"); - return SSLContext.getInstance(TlsVersion.TLS_1_2.javaName()); + return SSLContext.getInstance("TLSv1.2"); } catch (NoSuchAlgorithmException tlsv12Exception) { try { Timber.w("TLSv1.2 is not supported in this device; falling through TLSv1.1"); - return SSLContext.getInstance(TlsVersion.TLS_1_1.javaName()); + return SSLContext.getInstance("TLSv1.1"); } catch (NoSuchAlgorithmException tlsv11Exception) { Timber.w("TLSv1.1 is not supported in this device; falling through TLSv1.0"); - return SSLContext.getInstance(TlsVersion.TLS_1_0.javaName()); + return SSLContext.getInstance("TLSv1"); // should be available in any device; see reference of supported protocols in // http://developer.android.com/reference/javax/net/ssl/SSLSocket.html } @@ -110,13 +116,6 @@ public class HttpClient { } } - private static SSLSocketFactory getNewSslSocketFactory(X509TrustManager trustManager) - throws NoSuchAlgorithmException, KeyManagementException { - final SSLContext sslContext = getSslContext(); - sslContext.init(null, new TrustManager[]{trustManager}, null); - return sslContext.getSocketFactory(); - } - private OkHttpClient buildNewOkHttpClient(SSLSocketFactory sslSocketFactory, X509TrustManager trustManager, CookieJar cookieJar) { return new OkHttpClient.Builder()