Bug 1061273 - Part 4: Use SSLSocketFactory directly, rather than our own TLSSocketFactory subclass. r=nalexander, a=lizzard
authorRichard Newman <rnewman@mozilla.com>
Thu, 04 Jun 2015 11:07:32 -0700
changeset 266224 b36c17437332
parent 266223 c2f209debd59
child 266225 dd38d3ccbacd
push id4792
push userryanvm@gmail.com
push date2015-06-10 20:30 +0000
treeherdermozilla-beta@f137fedd1455 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersnalexander, lizzard
bugs1061273
milestone39.0
Bug 1061273 - Part 4: Use SSLSocketFactory directly, rather than our own TLSSocketFactory subclass. r=nalexander, a=lizzard
mobile/android/base/sync/net/BaseResource.java
--- a/mobile/android/base/sync/net/BaseResource.java
+++ b/mobile/android/base/sync/net/BaseResource.java
@@ -15,16 +15,17 @@ import java.security.KeyManagementExcept
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.util.concurrent.CopyOnWriteArrayList;
 
 import javax.net.ssl.SSLContext;
 
 import org.json.simple.JSONArray;
 import org.json.simple.JSONObject;
+import org.mozilla.gecko.background.common.GlobalConstants;
 import org.mozilla.gecko.background.common.log.Logger;
 import org.mozilla.gecko.sync.ExtendedJSONObject;
 
 import ch.boye.httpclientandroidlib.Header;
 import ch.boye.httpclientandroidlib.HttpEntity;
 import ch.boye.httpclientandroidlib.HttpResponse;
 import ch.boye.httpclientandroidlib.HttpVersion;
 import ch.boye.httpclientandroidlib.client.AuthCache;
@@ -210,17 +211,19 @@ public class BaseResource implements Res
 
   private static final Object connManagerMonitor = new Object();
   private static ClientConnectionManager connManager;
 
   // Call within a synchronized block on connManagerMonitor.
   private static ClientConnectionManager enableTLSConnectionManager() throws KeyManagementException, NoSuchAlgorithmException  {
     SSLContext sslContext = SSLContext.getInstance("TLS");
     sslContext.init(null, null, new SecureRandom());
-    SSLSocketFactory sf = new TLSSocketFactory(sslContext);
+
+    Logger.debug(LOG_TAG, "Using protocols and cipher suites for Android API " + android.os.Build.VERSION.SDK_INT);
+    SSLSocketFactory sf = new SSLSocketFactory(sslContext, GlobalConstants.DEFAULT_PROTOCOLS, GlobalConstants.DEFAULT_CIPHER_SUITES, null);
     SchemeRegistry schemeRegistry = new SchemeRegistry();
     schemeRegistry.register(new Scheme("https", 443, sf));
     schemeRegistry.register(new Scheme("http", 80, new PlainSocketFactory()));
     ThreadSafeClientConnManager cm = new ThreadSafeClientConnManager(schemeRegistry);
 
     cm.setMaxTotal(MAX_TOTAL_CONNECTIONS);
     cm.setDefaultMaxPerRoute(MAX_CONNECTIONS_PER_ROUTE);
     connManager = cm;