Commit 795a7fdf authored by Maxim Myalkin's avatar Maxim Myalkin

Refactor Tls12SocketFactory.

parent bd56cfd5
......@@ -30,9 +30,9 @@ class Tls12SocketFactory(private val delegate: SSLSocketFactory) : SSLSocketFact
* should never happen because PKIX is the only supported algorithm
*/
private val trustManager by lazy {
val trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
trustManagerFactory.init(null as KeyStore?)
trustManagerFactory.trustManagers
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
.apply { init(null as KeyStore?) }
.trustManagers
.first { it is X509TrustManager } as X509TrustManager
}
......@@ -52,9 +52,13 @@ class Tls12SocketFactory(private val delegate: SSLSocketFactory) : SSLSocketFact
fun OkHttpClient.Builder.enableTls12() = apply {
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP_MR1) {
try {
val sslContext = SSLContext.getInstance(TlsVersion.TLS_1_2.javaName())
sslContext.init(null, arrayOf(trustManager), null)
sslSocketFactory(Tls12SocketFactory(sslContext.socketFactory), trustManager)
val tlsSocketFactory = SSLContext.getInstance(TlsVersion.TLS_1_2.javaName())
.apply { init(null, arrayOf(trustManager), null) }
.socketFactory
.let(::Tls12SocketFactory)
sslSocketFactory(tlsSocketFactory, trustManager)
val tls12ConnectionSpec = ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.tlsVersions(TlsVersion.TLS_1_2)
......@@ -81,46 +85,59 @@ class Tls12SocketFactory(private val delegate: SSLSocketFactory) : SSLSocketFact
* @return the (potentially modified) [Socket]
*/
private fun Socket.patchForTls12(): Socket {
return (this as? SSLSocket)?.apply {
if (this is SSLSocket) {
enabledProtocols = arrayOf(TlsVersion.TLS_1_2.javaName())
} ?: this
}
return this
}
override fun getDefaultCipherSuites(): Array<String> {
return delegate.defaultCipherSuites
}
override fun getDefaultCipherSuites(): Array<String> = delegate.defaultCipherSuites
override fun getSupportedCipherSuites(): Array<String> {
return delegate.supportedCipherSuites
}
override fun getSupportedCipherSuites(): Array<String> = delegate.supportedCipherSuites
@Throws(IOException::class)
override fun createSocket(s: Socket, host: String, port: Int, autoClose: Boolean): Socket? {
return delegate.createSocket(s, host, port, autoClose)
.patchForTls12()
}
override fun createSocket(
s: Socket,
host: String,
port: Int,
autoClose: Boolean
): Socket? = delegate
.createSocket(s, host, port, autoClose)
.patchForTls12()
@Throws(IOException::class, UnknownHostException::class)
override fun createSocket(host: String, port: Int): Socket? {
return delegate.createSocket(host, port)
.patchForTls12()
}
override fun createSocket(
host: String,
port: Int
): Socket? = delegate
.createSocket(host, port)
.patchForTls12()
@Throws(IOException::class, UnknownHostException::class)
override fun createSocket(host: String, port: Int, localHost: InetAddress, localPort: Int): Socket? {
return delegate.createSocket(host, port, localHost, localPort)
.patchForTls12()
}
override fun createSocket(
host: String,
port: Int,
localHost: InetAddress,
localPort: Int
): Socket? = delegate
.createSocket(host, port, localHost, localPort)
.patchForTls12()
@Throws(IOException::class)
override fun createSocket(host: InetAddress, port: Int): Socket? {
return delegate.createSocket(host, port)
.patchForTls12()
}
override fun createSocket(
host: InetAddress,
port: Int
): Socket? = delegate
.createSocket(host, port)
.patchForTls12()
@Throws(IOException::class)
override fun createSocket(address: InetAddress, port: Int, localAddress: InetAddress, localPort: Int): Socket? {
return delegate.createSocket(address, port, localAddress, localPort)
.patchForTls12()
}
override fun createSocket(
address: InetAddress,
port: Int,
localAddress: InetAddress,
localPort: Int
): Socket? = delegate
.createSocket(address, port, localAddress, localPort)
.patchForTls12()
}
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment