diff options
Diffstat (limited to 'repackaged/common/src')
-rw-r--r-- | repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java | 15 | ||||
-rw-r--r-- | repackaged/common/src/test/java/com/android/org/conscrypt/javax/net/ssl/SSLContextTest.java | 10 |
2 files changed, 23 insertions, 2 deletions
diff --git a/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java b/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java index 93bdc4f8..9130380f 100644 --- a/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java +++ b/repackaged/common/src/main/java/com/android/org/conscrypt/SSLParametersImpl.java @@ -146,8 +146,19 @@ final class SSLParametersImpl implements Cloneable { } // initialize the list of cipher suites and protocols enabled by default - enabledProtocols = NativeCrypto.checkEnabledProtocols( - protocols == null ? NativeCrypto.getDefaultProtocols() : protocols).clone(); + if (protocols == null) { + enabledProtocols = NativeCrypto.getDefaultProtocols().clone(); + } else { + String[] filteredProtocols = + filterFromProtocols(protocols, Arrays.asList(Platform.isTlsV1Supported() + ? new String[0] + : new String[] { + NativeCrypto.DEPRECATED_PROTOCOL_TLSV1, + NativeCrypto.DEPRECATED_PROTOCOL_TLSV1_1, + })); + isEnabledProtocolsFiltered = protocols.length != filteredProtocols.length; + enabledProtocols = NativeCrypto.checkEnabledProtocols(filteredProtocols).clone(); + } boolean x509CipherSuitesNeeded = (x509KeyManager != null) || (x509TrustManager != null); boolean pskCipherSuitesNeeded = pskKeyManager != null; enabledCipherSuites = getDefaultCipherSuites( diff --git a/repackaged/common/src/test/java/com/android/org/conscrypt/javax/net/ssl/SSLContextTest.java b/repackaged/common/src/test/java/com/android/org/conscrypt/javax/net/ssl/SSLContextTest.java index 5f382d19..fedae1f9 100644 --- a/repackaged/common/src/test/java/com/android/org/conscrypt/javax/net/ssl/SSLContextTest.java +++ b/repackaged/common/src/test/java/com/android/org/conscrypt/javax/net/ssl/SSLContextTest.java @@ -123,6 +123,16 @@ public class SSLContextTest { } @Test + public void test_SSLContext_allProtocols() throws Exception { + SSLConfigurationAsserts.assertSSLContextDefaultConfiguration(SSLContext.getDefault()); + + for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS_ALL) { + SSLContext sslContext = SSLContext.getInstance(protocol); + sslContext.init(null, null, null); + } + } + + @Test public void test_SSLContext_pskOnlyConfiguration_defaultProviderOnly() throws Exception { // Test the scenario where only a PSKKeyManager is provided and no TrustManagers are // provided. |