Merge pull request #1 from Vavassor/master

Rebase
tuskyapp · Apr 14, 2017 · 50f31d3 · 50f31d3
2 parents 692dc0e + 18d5d01
commit 50f31d3
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 7 deletions.
diff --git a/app/build.gradle b/app/build.gradle
@@ -7,8 +7,8 @@ android {
         applicationId "com.keylesspalace.tusky"
         minSdkVersion 15
         targetSdkVersion 25
-        versionCode 13
-        versionName "1.1.0"
+        versionCode 15
+        versionName "1.1.2"
         testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"
         vectorDrawables.useSupportLibrary true
     }

diff --git a/app/src/main/java/com/keylesspalace/tusky/OkHttpUtils.java b/app/src/main/java/com/keylesspalace/tusky/OkHttpUtils.java
@@ -88,14 +88,27 @@ private static void addNougatFixConnectionSpec(List<ConnectionSpec> specList) {
         if (Build.VERSION.SDK_INT != Build.VERSION_CODES.N) {
             return;
         }
-        SSLContext sslContext;
+        SSLSocketFactory socketFactory;
         try {
-            sslContext = SSLContext.getInstance("TLS");
-        } catch (NoSuchAlgorithmException e) {
-            Log.e(TAG, "Failed obtaining TLS Context.");
+            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
+                    TrustManagerFactory.getDefaultAlgorithm());
+            trustManagerFactory.init((KeyStore) null);
+            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
+            if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
+                throw new IllegalStateException("Unexpected default trust managers:"
+                        + Arrays.toString(trustManagers));
+            }
+
+            X509TrustManager trustManager = (X509TrustManager) trustManagers[0];
+
+            SSLContext sslContext = SSLContext.getInstance("TLS");
+            sslContext.init(null, new TrustManager[] { trustManager }, null);
+            socketFactory = sslContext.getSocketFactory();
+        } catch (NoSuchAlgorithmException|KeyStoreException|KeyManagementException e) {
+            Log.e(TAG, "Failed obtaining the SSL socket factory.");
             return;
         }
-        String[] cipherSuites = sslContext.getSocketFactory().getDefaultCipherSuites();
+        String[] cipherSuites = socketFactory.getDefaultCipherSuites();
         ArrayList<String> allowedList = new ArrayList<>();
         for (String suite : cipherSuites) {
             if (!suite.contains("ECDH")) {