From 852f2d0b2aa661bb7e0f1eac73b041570ffbfbc3 Mon Sep 17 00:00:00 2001 From: kunni80 Date: Tue, 5 Apr 2016 11:11:08 +0100 Subject: [PATCH 1/2] Issue #173 -- Enabling TLS 1.2 on Android Versions prior to Lollipop Error when connecting from Android to a server that does not support TLS 1.0 --- .../Android/OkHttpNetworkHandler.cs | 6 ++ .../Android/TlsSSLSocketFactory.cs | 73 +++++++++++++++++++ 2 files changed, 79 insertions(+) create mode 100644 src/ModernHttpClient/Android/TlsSSLSocketFactory.cs diff --git a/src/ModernHttpClient/Android/OkHttpNetworkHandler.cs b/src/ModernHttpClient/Android/OkHttpNetworkHandler.cs index 6839410..a774a17 100644 --- a/src/ModernHttpClient/Android/OkHttpNetworkHandler.cs +++ b/src/ModernHttpClient/Android/OkHttpNetworkHandler.cs @@ -38,6 +38,12 @@ public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerificati if (customSSLVerification) client.SetHostnameVerifier(new HostnameVerifier()); noCacheCacheControl = (new CacheControl.Builder()).NoCache().Build(); + + // If less than Android Lollipop + if (((int)Build.VERSION.SdkInt) < 21) + { + client.SetSslSocketFactory(new TlsSSLSocketFactory()); + } } public void RegisterForProgress(HttpRequestMessage request, ProgressDelegate callback) diff --git a/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs b/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs new file mode 100644 index 0000000..9d439f5 --- /dev/null +++ b/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs @@ -0,0 +1,73 @@ +using Javax.Net.Ssl; + +namespace ModernHttpClient +{ + + public class TlsSSLSocketFactory : SSLSocketFactory + { + readonly SSLSocketFactory factory = (SSLSocketFactory)Default; + + public override string[] GetDefaultCipherSuites() + { + return factory.GetDefaultCipherSuites(); + } + + public override string[] GetSupportedCipherSuites() + { + return factory.GetSupportedCipherSuites(); + } + public override Java.Net.Socket CreateSocket(Java.Net.InetAddress address, int port, Java.Net.InetAddress localAddress, int localPort) + { + SSLSocket socket = (SSLSocket)factory.CreateSocket(address, port, localAddress, localPort); + socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + + return socket; + } + + public override Java.Net.Socket CreateSocket(Java.Net.InetAddress host, int port) + { + SSLSocket socket = (SSLSocket)factory.CreateSocket(host, port); + socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + + return socket; + } + + public override Java.Net.Socket CreateSocket(string host, int port, Java.Net.InetAddress localHost, int localPort) + { + SSLSocket socket = (SSLSocket)factory.CreateSocket(host, port, localHost, localPort); + socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + + return socket; + } + + public override Java.Net.Socket CreateSocket(string host, int port) + { + SSLSocket socket = (SSLSocket)factory.CreateSocket(host, port); + socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + + return socket; + } + + public override Java.Net.Socket CreateSocket(Java.Net.Socket s, string host, int port, bool autoClose) + { + SSLSocket socket = (SSLSocket)factory.CreateSocket(s, host, port, autoClose); + socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + + return socket; + } + + protected override void Dispose(bool disposing) + { + factory.Dispose(); + base.Dispose(disposing); + } + + public override Java.Net.Socket CreateSocket() + { + SSLSocket socket = (SSLSocket)factory.CreateSocket(); + socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + + return socket; + } + } +} \ No newline at end of file From 8eea4ad12b3075639bca2beba0332fd8d884e7d3 Mon Sep 17 00:00:00 2001 From: kunni80 Date: Tue, 26 Apr 2016 12:08:35 +0100 Subject: [PATCH 2/2] with additions for enabling supported cipher suites --- src/ModernHttpClient/Android/TlsSSLSocketFactory.cs | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs b/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs index 9d439f5..d4bd9f7 100644 --- a/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs +++ b/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs @@ -20,6 +20,7 @@ public override Java.Net.Socket CreateSocket(Java.Net.InetAddress address, int p { SSLSocket socket = (SSLSocket)factory.CreateSocket(address, port, localAddress, localPort); socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + socket.SetEnabledCipherSuites(socket.GetSupportedCipherSuites()); return socket; } @@ -28,6 +29,7 @@ public override Java.Net.Socket CreateSocket(Java.Net.InetAddress host, int port { SSLSocket socket = (SSLSocket)factory.CreateSocket(host, port); socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + socket.SetEnabledCipherSuites(socket.GetSupportedCipherSuites()); return socket; } @@ -36,6 +38,7 @@ public override Java.Net.Socket CreateSocket(string host, int port, Java.Net.Ine { SSLSocket socket = (SSLSocket)factory.CreateSocket(host, port, localHost, localPort); socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + socket.SetEnabledCipherSuites(socket.GetSupportedCipherSuites()); return socket; } @@ -44,6 +47,7 @@ public override Java.Net.Socket CreateSocket(string host, int port) { SSLSocket socket = (SSLSocket)factory.CreateSocket(host, port); socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + socket.SetEnabledCipherSuites(socket.GetSupportedCipherSuites()); return socket; } @@ -52,6 +56,7 @@ public override Java.Net.Socket CreateSocket(Java.Net.Socket s, string host, int { SSLSocket socket = (SSLSocket)factory.CreateSocket(s, host, port, autoClose); socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + socket.SetEnabledCipherSuites(socket.GetSupportedCipherSuites()); return socket; } @@ -66,6 +71,7 @@ public override Java.Net.Socket CreateSocket() { SSLSocket socket = (SSLSocket)factory.CreateSocket(); socket.SetEnabledProtocols(socket.GetSupportedProtocols()); + socket.SetEnabledCipherSuites(socket.GetSupportedCipherSuites()); return socket; }