From 4c24d1c29a726a67eabf86a9f9866e5daeca4ae8 Mon Sep 17 00:00:00 2001 From: Mats Wahlberg Date: Tue, 21 Apr 2020 17:41:24 +0200 Subject: Bundle Conscrypt security provider for Free builds This fixes protocol and cipher errors on older versions of android without requiring Google API/Services (which are non-free) to replace the security provider from the OS. No changes are made to Play builds. The value of conscryptVersion in build.gradle should be updated regularly to keep the bundled version of conscrypt up to date (or changed to "latest.release", which will cause issues with verifying reproducible builds). Fixes: #2814 (for users of free builds) --- core/src/free/java/de/danoeh/antennapod/core/ClientConfig.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'core/src/free') diff --git a/core/src/free/java/de/danoeh/antennapod/core/ClientConfig.java b/core/src/free/java/de/danoeh/antennapod/core/ClientConfig.java index 824a4fae3..aff8081e2 100644 --- a/core/src/free/java/de/danoeh/antennapod/core/ClientConfig.java +++ b/core/src/free/java/de/danoeh/antennapod/core/ClientConfig.java @@ -1,6 +1,13 @@ package de.danoeh.antennapod.core; import android.content.Context; +import java.security.Security; + +/* + * If you get an error here ("package org.conscrypt does not exist"), you are probably doing a free + * build and didn't pass -PfreeBuild to gradle (e.g. ./gradlew assembleFreeRelease -PfreeBuild). + */ +import org.conscrypt.Conscrypt; import de.danoeh.antennapod.core.preferences.PlaybackPreferences; import de.danoeh.antennapod.core.preferences.SleepTimerPreferences; @@ -55,6 +62,7 @@ public class ClientConfig { } private static void installSslProvider(Context context) { - // ProviderInstaller is a closed-source Google library + // Insert bundled conscrypt as highest security provider (overrides OS version). + Security.insertProviderAt(Conscrypt.newProvider(), 1); } } -- cgit v1.2.3