diff --git a/src/ModernHttpClient/Android/OkHttpNetworkHandler.cs b/src/ModernHttpClient/Android/OkHttpNetworkHandler.cs index 6839410..0619d9e 100644 --- a/src/ModernHttpClient/Android/OkHttpNetworkHandler.cs +++ b/src/ModernHttpClient/Android/OkHttpNetworkHandler.cs @@ -38,6 +38,12 @@ public NativeMessageHandler(bool throwOnCaptiveNetwork, bool customSSLVerificati if (customSSLVerification) client.SetHostnameVerifier(new HostnameVerifier()); noCacheCacheControl = (new CacheControl.Builder()).NoCache().Build(); + + // If less than Android Lollipop + if (((int)Build.VERSION.SdkInt) < 21) + { + client.SetSslSocketFactory (new TlsSSLSocketFactory ()); + } } public void RegisterForProgress(HttpRequestMessage request, ProgressDelegate callback) @@ -198,7 +204,7 @@ class HostnameVerifier : Java.Lang.Object, IHostnameVerifier public bool Verify(string hostname, ISSLSession session) { - return verifyServerCertificate(hostname, session) & verifyClientCiphers(hostname, session); + return verifyServerCertificate (hostname, session); // & verifyClientCiphers(hostname, session); } /// @@ -262,21 +268,23 @@ static bool verifyServerCertificate(string hostname, ISSLSession session) return ServicePointManager.ServerCertificateValidationCallback(hostname, root, chain, errors); } - /// - /// Verifies client ciphers and is only available in Mono and Xamarin products. - /// - /// true, if client ciphers was verifyed, false otherwise. - /// - /// - static bool verifyClientCiphers(string hostname, ISSLSession session) - { - var callback = ServicePointManager.ClientCipherSuitesCallback; - if (callback == null) return true; + // We are not verifying client certificates - var protocol = session.Protocol.StartsWith("SSL", StringComparison.InvariantCulture) ? SecurityProtocolType.Ssl3 : SecurityProtocolType.Tls; - var acceptedCiphers = callback(protocol, new[] { session.CipherSuite }); + ///// + ///// Verifies client ciphers and is only available in Mono and Xamarin products. + ///// + ///// true, if client ciphers was verifyed, false otherwise. + ///// + ///// + //static bool verifyClientCiphers(string hostname, ISSLSession session) + //{ + // var callback = ServicePointManager.ClientCipherSuitesCallback; + // if (callback == null) return true; - return acceptedCiphers.Contains(session.CipherSuite); - } + // var protocol = session.Protocol.StartsWith("SSL", StringComparison.InvariantCulture) ? SecurityProtocolType.Ssl3 : SecurityProtocolType.Tls; + // var acceptedCiphers = callback(protocol, new[] { session.CipherSuite }); + + // return acceptedCiphers.Contains(session.CipherSuite); + //} } } diff --git a/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs b/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs new file mode 100644 index 0000000..64572a6 --- /dev/null +++ b/src/ModernHttpClient/Android/TlsSSLSocketFactory.cs @@ -0,0 +1,79 @@ +using Javax.Net.Ssl; + +namespace ModernHttpClient +{ + + public class TlsSSLSocketFactory : SSLSocketFactory + { + readonly SSLSocketFactory factory = (SSLSocketFactory)Default; + + public override string [] GetDefaultCipherSuites () + { + return factory.GetDefaultCipherSuites (); + } + + public override string [] GetSupportedCipherSuites () + { + return factory.GetSupportedCipherSuites (); + } + public override Java.Net.Socket CreateSocket (Java.Net.InetAddress address, int port, Java.Net.InetAddress localAddress, int localPort) + { + SSLSocket socket = (SSLSocket)factory.CreateSocket (address, port, localAddress, localPort); + socket.SetEnabledProtocols (socket.GetSupportedProtocols ()); + socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ()); + + return socket; + } + + public override Java.Net.Socket CreateSocket (Java.Net.InetAddress host, int port) + { + SSLSocket socket = (SSLSocket)factory.CreateSocket (host, port); + socket.SetEnabledProtocols (socket.GetSupportedProtocols ()); + socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ()); + + return socket; + } + + public override Java.Net.Socket CreateSocket (string host, int port, Java.Net.InetAddress localHost, int localPort) + { + SSLSocket socket = (SSLSocket)factory.CreateSocket (host, port, localHost, localPort); + socket.SetEnabledProtocols (socket.GetSupportedProtocols ()); + socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ()); + + return socket; + } + + public override Java.Net.Socket CreateSocket (string host, int port) + { + SSLSocket socket = (SSLSocket)factory.CreateSocket (host, port); + socket.SetEnabledProtocols (socket.GetSupportedProtocols ()); + socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ()); + + return socket; + } + + public override Java.Net.Socket CreateSocket (Java.Net.Socket s, string host, int port, bool autoClose) + { + SSLSocket socket = (SSLSocket)factory.CreateSocket (s, host, port, autoClose); + socket.SetEnabledProtocols (socket.GetSupportedProtocols ()); + socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ()); + + return socket; + } + + protected override void Dispose (bool disposing) + { + factory.Dispose (); + base.Dispose (disposing); + } + + public override Java.Net.Socket CreateSocket () + { + SSLSocket socket = (SSLSocket)factory.CreateSocket (); + socket.SetEnabledProtocols (socket.GetSupportedProtocols ()); + socket.SetEnabledCipherSuites (socket.GetSupportedCipherSuites ()); + + return socket; + } + } +} \ No newline at end of file diff --git a/src/ModernHttpClient/ModernHttpClient.Android.csproj b/src/ModernHttpClient/ModernHttpClient.Android.csproj index 45a94fe..b37973f 100644 --- a/src/ModernHttpClient/ModernHttpClient.Android.csproj +++ b/src/ModernHttpClient/ModernHttpClient.Android.csproj @@ -57,13 +57,14 @@ + - ..\..\packages\Square.OkIO.1.5.0.0\lib\MonoAndroid\Square.OkIO.dll + ..\..\packages\Square.OkIO.1.11.0\lib\MonoAndroid\Square.OkIO.dll - ..\..\packages\Square.OkHttp.2.4.0.3\lib\MonoAndroid\Square.OkHttp.dll + ..\..\packages\Square.OkHttp.2.7.5.0\lib\MonoAndroid\Square.OkHttp.dll - + diff --git a/src/ModernHttpClient/Resources/Resource.designer.cs b/src/ModernHttpClient/Resources/Resource.designer.cs index 19c6965..e123b45 100644 --- a/src/ModernHttpClient/Resources/Resource.designer.cs +++ b/src/ModernHttpClient/Resources/Resource.designer.cs @@ -2,7 +2,7 @@ // ------------------------------------------------------------------------------ // // This code was generated by a tool. -// Mono Runtime Version: 4.0.30319.17020 +// Mono Runtime Version: 4.0.30319.42000 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. diff --git a/src/ModernHttpClient/packages.config b/src/ModernHttpClient/packages.config index 683dfae..7dea026 100644 --- a/src/ModernHttpClient/packages.config +++ b/src/ModernHttpClient/packages.config @@ -1,5 +1,5 @@ - - - - + + + + \ No newline at end of file