diff options
Diffstat (limited to 'repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java')
-rw-r--r-- | repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java b/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java index 93bdc4f8..9130380f 100644 --- a/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java +++ b/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java @@ -146,8 +146,19 @@ final class SSLParametersImpl implements Cloneable { } // initialize the list of cipher suites and protocols enabled by default - enabledProtocols = NativeCrypto.checkEnabledProtocols( - protocols == null ? NativeCrypto.getDefaultProtocols() : protocols).clone(); + if (protocols == null) { + enabledProtocols = NativeCrypto.getDefaultProtocols().clone(); + } else { + String[] filteredProtocols = + filterFromProtocols(protocols, Arrays.asList(Platform.isTlsV1Supported() + ? new String[0] + : new String[] { + NativeCrypto.DEPRECATED_PROTOCOL_TLSV1, + NativeCrypto.DEPRECATED_PROTOCOL_TLSV1_1, + })); + isEnabledProtocolsFiltered = protocols.length != filteredProtocols.length; + enabledProtocols = NativeCrypto.checkEnabledProtocols(filteredProtocols).clone(); + } boolean x509CipherSuitesNeeded = (x509KeyManager != null) || (x509TrustManager != null); boolean pskCipherSuitesNeeded = pskKeyManager != null; enabledCipherSuites = getDefaultCipherSuites( |