diff options
-rw-r--r-- | src/eu/siacs/conversations/xmpp/XmppConnection.java | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/eu/siacs/conversations/xmpp/XmppConnection.java b/src/eu/siacs/conversations/xmpp/XmppConnection.java index 0162af9e..1ac6cb2b 100644 --- a/src/eu/siacs/conversations/xmpp/XmppConnection.java +++ b/src/eu/siacs/conversations/xmpp/XmppConnection.java @@ -10,6 +10,7 @@ import java.security.KeyManagementException; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.util.ArrayList; +import java.util.Arrays; import java.util.HashMap; import java.util.Hashtable; import java.util.List; @@ -519,7 +520,14 @@ public class XmppConnection implements Runnable { SSLSocket sslSocket = (SSLSocket) factory.createSocket(socket, socket.getInetAddress().getHostAddress(), socket.getPort(), true); - sslSocket.setEnabledProtocols(sslSocket.getSupportedProtocols()); + + // Support all protocols except legacy SSL. + // The min SDK version prevents us having to worry about SSLv2. In future, this may be + // true of SSLv3 as well. + final List<String> supportedProtocols = new LinkedList<String>(Arrays.asList( + sslSocket.getSupportedProtocols())); + supportedProtocols.remove("SSLv3"); + sslSocket.setEnabledProtocols(supportedProtocols.toArray(new String[supportedProtocols.size()])); if (verifier != null && !verifier.verify(account.getServer(), |