aboutsummaryrefslogtreecommitdiff
path: root/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java
diff options
context:
space:
mode:
Diffstat (limited to 'repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java')
-rw-r--r--repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java15
1 files changed, 13 insertions, 2 deletions
diff --git a/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java b/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java
index 93bdc4f8..9130380f 100644
--- a/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java
+++ b/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java
@@ -146,8 +146,19 @@ final class SSLParametersImpl implements Cloneable {
}
// initialize the list of cipher suites and protocols enabled by default
- enabledProtocols = NativeCrypto.checkEnabledProtocols(
- protocols == null ? NativeCrypto.getDefaultProtocols() : protocols).clone();
+ if (protocols == null) {
+ enabledProtocols = NativeCrypto.getDefaultProtocols().clone();
+ } else {
+ String[] filteredProtocols =
+ filterFromProtocols(protocols, Arrays.asList(Platform.isTlsV1Supported()
+ ? new String[0]
+ : new String[] {
+ NativeCrypto.DEPRECATED_PROTOCOL_TLSV1,
+ NativeCrypto.DEPRECATED_PROTOCOL_TLSV1_1,
+ }));
+ isEnabledProtocolsFiltered = protocols.length != filteredProtocols.length;
+ enabledProtocols = NativeCrypto.checkEnabledProtocols(filteredProtocols).clone();
+ }
boolean x509CipherSuitesNeeded = (x509KeyManager != null) || (x509TrustManager != null);
boolean pskCipherSuitesNeeded = pskKeyManager != null;
enabledCipherSuites = getDefaultCipherSuites(
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-17 07:54:35 +0000