Commit 3b59cf18 authored by Andreas Schildbach's avatar Andreas Schildbach

Use restricted TLS connection spec for all endpoints we're at least in indirect control of.

parent 8c55a262
...@@ -26,6 +26,7 @@ import java.io.InputStream; ...@@ -26,6 +26,7 @@ import java.io.InputStream;
import java.io.InputStreamReader; import java.io.InputStreamReader;
import java.net.HttpURLConnection; import java.net.HttpURLConnection;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Date; import java.util.Date;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
...@@ -47,6 +48,7 @@ import android.content.res.AssetManager; ...@@ -47,6 +48,7 @@ import android.content.res.AssetManager;
import android.os.AsyncTask; import android.os.AsyncTask;
import androidx.lifecycle.LiveData; import androidx.lifecycle.LiveData;
import okhttp3.Call; import okhttp3.Call;
import okhttp3.ConnectionSpec;
import okhttp3.HttpUrl; import okhttp3.HttpUrl;
import okhttp3.OkHttpClient; import okhttp3.OkHttpClient;
import okhttp3.Request; import okhttp3.Request;
...@@ -171,6 +173,7 @@ public class DynamicFeeLiveData extends LiveData<Map<FeeCategory, Coin>> { ...@@ -171,6 +173,7 @@ public class DynamicFeeLiveData extends LiveData<Map<FeeCategory, Coin>> {
request.header("If-Modified-Since", HttpDate.format(new Date(targetFile.lastModified()))); request.header("If-Modified-Since", HttpDate.format(new Date(targetFile.lastModified())));
final OkHttpClient.Builder httpClientBuilder = Constants.HTTP_CLIENT.newBuilder(); final OkHttpClient.Builder httpClientBuilder = Constants.HTTP_CLIENT.newBuilder();
httpClientBuilder.connectionSpecs(Arrays.asList(ConnectionSpec.RESTRICTED_TLS));
httpClientBuilder.connectTimeout(5, TimeUnit.SECONDS); httpClientBuilder.connectTimeout(5, TimeUnit.SECONDS);
httpClientBuilder.writeTimeout(5, TimeUnit.SECONDS); httpClientBuilder.writeTimeout(5, TimeUnit.SECONDS);
httpClientBuilder.readTimeout(5, TimeUnit.SECONDS); httpClientBuilder.readTimeout(5, TimeUnit.SECONDS);
......
...@@ -18,6 +18,7 @@ ...@@ -18,6 +18,7 @@
package de.schildbach.wallet.data; package de.schildbach.wallet.data;
import java.math.BigDecimal; import java.math.BigDecimal;
import java.util.Arrays;
import java.util.Currency; import java.util.Currency;
import java.util.Iterator; import java.util.Iterator;
import java.util.Locale; import java.util.Locale;
...@@ -49,7 +50,9 @@ import android.provider.BaseColumns; ...@@ -49,7 +50,9 @@ import android.provider.BaseColumns;
import android.text.format.DateUtils; import android.text.format.DateUtils;
import androidx.annotation.Nullable; import androidx.annotation.Nullable;
import okhttp3.Call; import okhttp3.Call;
import okhttp3.ConnectionSpec;
import okhttp3.HttpUrl; import okhttp3.HttpUrl;
import okhttp3.OkHttpClient.Builder;
import okhttp3.Request; import okhttp3.Request;
import okhttp3.Response; import okhttp3.Response;
...@@ -235,7 +238,9 @@ public class ExchangeRatesProvider extends ContentProvider { ...@@ -235,7 +238,9 @@ public class ExchangeRatesProvider extends ContentProvider {
request.url(BITCOINAVERAGE_URL); request.url(BITCOINAVERAGE_URL);
request.header("User-Agent", userAgent); request.header("User-Agent", userAgent);
final Call call = Constants.HTTP_CLIENT.newCall(request.build()); final Builder httpClientBuilder = Constants.HTTP_CLIENT.newBuilder();
httpClientBuilder.connectionSpecs(Arrays.asList(ConnectionSpec.RESTRICTED_TLS));
final Call call = httpClientBuilder.build().newCall(request.build());
try { try {
final Response response = call.execute(); final Response response = call.execute();
if (response.isSuccessful()) { if (response.isSuccessful()) {
......
...@@ -21,6 +21,7 @@ import java.io.BufferedReader; ...@@ -21,6 +21,7 @@ import java.io.BufferedReader;
import java.net.SocketException; import java.net.SocketException;
import java.net.SocketTimeoutException; import java.net.SocketTimeoutException;
import java.net.UnknownHostException; import java.net.UnknownHostException;
import java.util.Arrays;
import java.util.Iterator; import java.util.Iterator;
import org.slf4j.Logger; import org.slf4j.Logger;
...@@ -52,7 +53,9 @@ import android.text.format.DateUtils; ...@@ -52,7 +53,9 @@ import android.text.format.DateUtils;
import androidx.fragment.app.Fragment; import androidx.fragment.app.Fragment;
import androidx.fragment.app.FragmentManager; import androidx.fragment.app.FragmentManager;
import okhttp3.Call; import okhttp3.Call;
import okhttp3.ConnectionSpec;
import okhttp3.HttpUrl; import okhttp3.HttpUrl;
import okhttp3.OkHttpClient.Builder;
import okhttp3.Request; import okhttp3.Request;
import okhttp3.Response; import okhttp3.Response;
...@@ -125,7 +128,9 @@ public class AlertDialogsFragment extends Fragment { ...@@ -125,7 +128,9 @@ public class AlertDialogsFragment extends Fragment {
if (userAgent != null) if (userAgent != null)
request.header("User-Agent", userAgent); request.header("User-Agent", userAgent);
final Call call = Constants.HTTP_CLIENT.newCall(request.build()); final Builder httpClientBuilder = Constants.HTTP_CLIENT.newBuilder();
httpClientBuilder.connectionSpecs(Arrays.asList(ConnectionSpec.RESTRICTED_TLS));
final Call call = httpClientBuilder.build().newCall(request.build());
backgroundHandler.post(new Runnable() { backgroundHandler.post(new Runnable() {
@Override @Override
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment