mir/kdeconnect-android
2
0
Fork 0
mirror of https://github.com/KDE/kdeconnect-android synced 2025-08-30 05:37:43 +00:00
Code Issues Releases Wiki Activity

Using reverse connection strategy for device with android version less than ICS

Browse Source 
Enabled cipher suites manually due to issues caused by DHE by older devices
This commit is contained in:
Vineet Garg 2015-08-25 01:06:49 +05:30
parent f908f5d8a1
commit b87aead06b
2 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/org/kde/kdeconnect/Backends/LanBackend/LanLinkProvider.java
View File

@ -424,6 +424,11 @@ public class LanLinkProvider extends BaseLinkProvider {
clientGroup = new NioEventLoopGroup();
// Due to certificate request from SSL server to client, the certificate request message from device with latest android version to device with
// old android version causes a FATAL ALERT message stating that incorrect certificate request
// Server is disabled on these devices and using a reverse connection strategy. This works well for connection of these devices with kde
// and newer android versions. Although devices with android version less than ICS cannot connect to other devices who also have android version less
// than ICS because server is disabled on both
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.ICE_CREAM_SANDWICH) {
return;
}

15
src/org/kde/kdeconnect/Helpers/SecurityHelpers/SslHelper.java
View File

@ -22,6 +22,7 @@ package org.kde.kdeconnect.Helpers.SecurityHelpers;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.preference.PreferenceManager;
import android.provider.Settings;
import android.util.Base64;
@ -45,6 +46,7 @@ import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.Formatter;
@ -204,6 +206,19 @@ public class SslHelper {
"TLSv1"
});
// These cipher suites are most common of them that are accepted by kde and android during handshake
ArrayList<String> supportedCiphers = new ArrayList<>();
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
supportedCiphers.add("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256");
supportedCiphers.add("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384");
supportedCiphers.add("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
}
// Following ciphers are for and due to old devices
supportedCiphers.add("SSL_RSA_WITH_RC4_128_SHA");
supportedCiphers.add("SSL_RSA_WITH_RC4_128_MD5");
sslEngine.setEnabledCipherSuites(supportedCiphers.toArray(new String[supportedCiphers.size()]));
if (sslMode == SslMode.Client){
sslEngine.setUseClientMode(true);
}else{