diff --git a/app/src/main/java/org/schabi/newpipe/DownloaderImpl.java b/app/src/main/java/org/schabi/newpipe/DownloaderImpl.java index 8704bedb0..dc8c6f135 100644 --- a/app/src/main/java/org/schabi/newpipe/DownloaderImpl.java +++ b/app/src/main/java/org/schabi/newpipe/DownloaderImpl.java @@ -173,12 +173,14 @@ public class DownloaderImpl extends Downloader { /** * Enable TLS 1.2 and 1.1 on Android Kitkat. This function is mostly taken from the documentation of * OkHttpClient.Builder.sslSocketFactory(_,_) + *

+ * If there is an error, the function will safely fall back to doing nothing and printing the error to the console. * - * If there is an error, It will safely fall back to doing nothing and printing the Error to the console. * @param builder The HTTPClient Builder on which TLS is enabled on (will be modified in-place) */ private static void enableModernTLS(OkHttpClient.Builder builder) { try { + // get the default TrustManager TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init((KeyStore) null); @@ -189,9 +191,7 @@ public class DownloaderImpl extends Downloader { } X509TrustManager trustManager = (X509TrustManager) trustManagers[0]; - SSLContext sslContext = SSLContext.getInstance("TLS"); - sslContext.init(null, new TrustManager[] { trustManager }, null); - //SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); + // insert our own TLSSocketFactory SSLSocketFactory sslSocketFactory = TLSSocketFactoryCompat.getInstance(); builder.sslSocketFactory(sslSocketFactory, trustManager); diff --git a/app/src/main/java/org/schabi/newpipe/MainActivity.java b/app/src/main/java/org/schabi/newpipe/MainActivity.java index 2da01991c..90d299c7f 100644 --- a/app/src/main/java/org/schabi/newpipe/MainActivity.java +++ b/app/src/main/java/org/schabi/newpipe/MainActivity.java @@ -109,9 +109,10 @@ public class MainActivity extends AppCompatActivity { protected void onCreate(Bundle savedInstanceState) { if (DEBUG) Log.d(TAG, "onCreate() called with: savedInstanceState = [" + savedInstanceState + "]"); - //enable TLS1.1/1.2 for kitkat devices, to fix download and play for mediaCCC sources - if (Build.VERSION.SDK_INT == Build.VERSION_CODES.KITKAT) + // enable TLS1.1/1.2 for kitkat devices, to fix download and play for mediaCCC sources + if (Build.VERSION.SDK_INT == Build.VERSION_CODES.KITKAT) { TLSSocketFactoryCompat.setAsDefault(); + } ThemeHelper.setTheme(this, ServiceHelper.getSelectedServiceId(this)); diff --git a/app/src/main/java/org/schabi/newpipe/util/TLSSocketFactoryCompat.java b/app/src/main/java/org/schabi/newpipe/util/TLSSocketFactoryCompat.java index 67d8273d2..2f6a650ff 100644 --- a/app/src/main/java/org/schabi/newpipe/util/TLSSocketFactoryCompat.java +++ b/app/src/main/java/org/schabi/newpipe/util/TLSSocketFactoryCompat.java @@ -21,14 +21,15 @@ import javax.net.ssl.TrustManager; public class TLSSocketFactoryCompat extends SSLSocketFactory { - private static TLSSocketFactoryCompat instance=null; + private static TLSSocketFactoryCompat instance = null; private SSLSocketFactory internalSSLSocketFactory; public static TLSSocketFactoryCompat getInstance() throws NoSuchAlgorithmException, KeyManagementException { - if(instance!=null) + if (instance != null) { return instance; - return instance=new TLSSocketFactoryCompat(); + } + return instance = new TLSSocketFactoryCompat(); } @@ -93,7 +94,7 @@ public class TLSSocketFactoryCompat extends SSLSocketFactory { } private Socket enableTLSOnSocket(Socket socket) { - if(socket != null && (socket instanceof SSLSocket)) { + if (socket != null && (socket instanceof SSLSocket)) { /* //Create list of supported protocols ArrayList supportedProtocols = new ArrayList<>(); @@ -119,7 +120,7 @@ public class TLSSocketFactoryCompat extends SSLSocketFactory { //((SSLSocket)socket).setEnabledProtocols(protocolArray); */ // OR: only enable TLS 1.1 and 1.2! - ((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"}); + ((SSLSocket) socket).setEnabledProtocols(new String[]{"TLSv1.1", "TLSv1.2"}); } return socket;