From 3321e8db4f51834eb9bd7de54f081fe4c14d1fca Mon Sep 17 00:00:00 2001
From: Martin Fietz <Martin.Fietz@gmail.com>
Date: Sun, 16 Aug 2015 17:37:43 +0200
Subject: Custom SSL Socket Factory for Android 4.1+ (but below 5)

---
 core/build.gradle                                  |  4 +-
 .../service/download/AntennapodHttpClient.java     | 80 ++++++++++++++++++++++
 2 files changed, 82 insertions(+), 2 deletions(-)

(limited to 'core')

diff --git a/core/build.gradle b/core/build.gradle
index 14667ba37..46b2e3ce9 100644
--- a/core/build.gradle
+++ b/core/build.gradle
@@ -45,8 +45,8 @@ dependencies {
     compile 'org.jsoup:jsoup:1.7.3'
     compile 'com.github.bumptech.glide:glide:3.6.1'
     compile 'com.github.bumptech.glide:okhttp-integration:1.3.0'
-    compile 'com.squareup.okhttp:okhttp:2.3.0'
-    compile 'com.squareup.okhttp:okhttp-urlconnection:2.3.0'
+    compile 'com.squareup.okhttp:okhttp:2.4.0'
+    compile 'com.squareup.okhttp:okhttp-urlconnection:2.4.0'
     compile 'com.squareup.okio:okio:1.2.0'
     compile 'com.nineoldandroids:library:2.4.0'
     compile 'de.greenrobot:eventbus:2.4.0'
diff --git a/core/src/main/java/de/danoeh/antennapod/core/service/download/AntennapodHttpClient.java b/core/src/main/java/de/danoeh/antennapod/core/service/download/AntennapodHttpClient.java
index ec3d3e2fe..402a7a8bd 100644
--- a/core/src/main/java/de/danoeh/antennapod/core/service/download/AntennapodHttpClient.java
+++ b/core/src/main/java/de/danoeh/antennapod/core/service/download/AntennapodHttpClient.java
@@ -1,13 +1,22 @@
 package de.danoeh.antennapod.core.service.download;
 
+import android.os.Build;
 import android.util.Log;
 
 import com.squareup.okhttp.OkHttpClient;
 
+import java.io.IOException;
 import java.net.CookieManager;
 import java.net.CookiePolicy;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.security.GeneralSecurityException;
 import java.util.concurrent.TimeUnit;
 
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+
 import de.danoeh.antennapod.core.BuildConfig;
 
 /**
@@ -50,6 +59,10 @@ public class AntennapodHttpClient {
             client.setFollowRedirects(true);
             client.setFollowSslRedirects(true);
 
+            if(16 <= Build.VERSION.SDK_INT && Build.VERSION.SDK_INT < 21) {
+                client.setSslSocketFactory(new CustomSslSocketFactory());
+            }
+
             httpClient = client;
         }
         return httpClient;
@@ -64,4 +77,71 @@ public class AntennapodHttpClient {
             // does nothing at the moment
         }
     }
+
+    private static class CustomSslSocketFactory extends SSLSocketFactory {
+
+        private SSLSocketFactory factory;
+
+        public CustomSslSocketFactory() {
+            try {
+                SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
+                sslContext.init(null, null, null);
+                factory= sslContext.getSocketFactory();
+            } catch(GeneralSecurityException e) {
+                e.printStackTrace();
+            }
+        }
+
+        @Override
+        public String[] getDefaultCipherSuites() {
+            return factory.getDefaultCipherSuites();
+        }
+
+        @Override
+        public String[] getSupportedCipherSuites() {
+            return factory.getSupportedCipherSuites();
+        }
+
+        public Socket createSocket() throws IOException {
+            SSLSocket result = (SSLSocket) factory.createSocket();
+            configureSocket(result);
+            return result;
+        }
+
+        public Socket createSocket(String var1, int var2) throws IOException {
+            SSLSocket result = (SSLSocket) factory.createSocket(var1, var2);
+            configureSocket(result);
+            return result;
+        }
+
+        public Socket createSocket(Socket var1, String var2, int var3, boolean var4) throws IOException {
+            SSLSocket result = (SSLSocket) factory.createSocket(var1, var2, var3, var4);
+            configureSocket(result);
+            return result;
+        }
+
+        public Socket createSocket(InetAddress var1, int var2) throws IOException {
+            SSLSocket result = (SSLSocket) factory.createSocket(var1, var2);
+            configureSocket(result);
+            return result;
+        }
+
+        public Socket createSocket(String var1, int var2, InetAddress var3, int var4) throws IOException {
+            SSLSocket result = (SSLSocket) factory.createSocket(var1, var2, var3, var4);
+            configureSocket(result);
+            return result;
+        }
+
+        public Socket createSocket(InetAddress var1, int var2, InetAddress var3, int var4) throws IOException {
+            SSLSocket result = (SSLSocket) factory.createSocket(var1, var2, var3, var4);
+            configureSocket(result);
+            return result;
+        }
+
+        private void configureSocket(SSLSocket s) {
+            s.setEnabledProtocols(new String[] { "TLSv1.2", "TLSv1.1" } );
+        }
+
+    }
+
 }
-- 
cgit v1.2.3