Commit 2c887035 by Hans-Christoph Steiner

use NetCipher to get improved TLS and cipher support on HTTPS connections

The NetCipher library creates instances of HttpURLConnection that are
configured to have solid TLS protocol and cipher settings, especially on
older versions of Android.

fixes #370 #370
1 parent 853e2817
......@@ -24,6 +24,7 @@ if (!hasProperty('sourceDeps')) {
compile 'com.google.zxing:core:3.2.1'
compile 'eu.chainfire:libsuperuser:1.0.0.201504231659'
compile 'cc.mvdan.accesspoint:library:0.1.1'
compile 'info.guardianproject.netcipher:netcipher:1.2'
// We use a slightly modified spongycastle, see
// openkeychain/spongycastle with some changes on top of 1.51.0.0
......
......@@ -10,6 +10,10 @@
-dontnote android.support.**
-dontnote **ILicensingService
# StrongHttpsClient and its support classes are totally unused, so the
# ch.boye.httpclientandroidlib.** classes are also unneeded
-dontwarn info.guardianproject.netcipher.client.**
# These libraries are known to break if minification is enabled on them. They
# use reflection to instantiate classes, for example. If the keep flags are
# removed, proguard will strip classes which are required, which may result in
......
......@@ -8,7 +8,6 @@ import com.nostra13.universalimageloader.core.download.BaseImageDownloader;
import org.fdroid.fdroid.Preferences;
import org.fdroid.fdroid.Utils;
import javax.net.ssl.SSLHandshakeException;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
......@@ -20,6 +19,10 @@ import java.net.Proxy;
import java.net.SocketAddress;
import java.net.URL;
import javax.net.ssl.SSLHandshakeException;
import info.guardianproject.netcipher.NetCipher;
public class HttpDownloader extends Downloader {
private static final String TAG = "HttpDownloader";
......@@ -88,10 +91,11 @@ public class HttpDownloader extends Downloader {
if (prefs.isProxyEnabled()) {
SocketAddress sa = new InetSocketAddress(prefs.getProxyHost(), prefs.getProxyPort());
Proxy proxy = new Proxy(Proxy.Type.HTTP, sa);
connection = (HttpURLConnection) sourceUrl.openConnection(proxy);
NetCipher.setProxy(proxy);
} else {
connection = (HttpURLConnection) sourceUrl.openConnection();
NetCipher.setProxy(null);
}
connection = NetCipher.getHttpURLConnection(sourceUrl);
}
protected void doDownload() throws IOException, InterruptedException {
......
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!