msb-public
/
FairEmail
mirror of https://github.com/M66B/FairEmail.git
1
0
Code Issues Projects Releases Wiki Activity

Remove fallback cipher

Browse Source
pull/194/merge
M66B 3 years ago
parent 625bb0dfa8
commit 34627add38
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File

6
app/src/main/java/eu/faircode/email/EmailService.java
Unescape View File

@ -1157,9 +1157,8 @@ public class EmailService implements AutoCloseable {
sslSocket.setEnabledProtocols(sslSocket.getSupportedProtocols()); sslSocket.setEnabledProtocols(sslSocket.getSupportedProtocols());
List<String> ciphers = new ArrayList<>(); List<String> ciphers = new ArrayList<>();
for (String cipher : sslSocket.getSupportedCipherSuites()) ciphers.addAll(Arrays.asList(sslSocket.getSupportedCipherSuites()));
if (!cipher.endsWith("_SCSV")) ciphers.remove("TLS_FALLBACK_SCSV");
ciphers.add(cipher);
sslSocket.setEnabledCipherSuites(ciphers.toArray(new String[0])); sslSocket.setEnabledCipherSuites(ciphers.toArray(new String[0]));
} else if (ssl_harden) { } else if (ssl_harden) {
List<String> protocols = new ArrayList<>(); List<String> protocols = new ArrayList<>();
@ -1184,6 +1183,7 @@ public class EmailService implements AutoCloseable {
List<String> ciphers = new ArrayList<>(); List<String> ciphers = new ArrayList<>();
ciphers.addAll(Arrays.asList(sslSocket.getEnabledCipherSuites())); ciphers.addAll(Arrays.asList(sslSocket.getEnabledCipherSuites()));
ciphers.remove("TLS_FALLBACK_SCSV");
for (String cipher : sslSocket.getSupportedCipherSuites()) for (String cipher : sslSocket.getSupportedCipherSuites())
if (!ciphers.contains(cipher) && if (!ciphers.contains(cipher) &&
(cipher.contains("3DES") || cipher.contains("RC4"))) { (cipher.contains("3DES") || cipher.contains("RC4"))) {

Write Preview
Loading…
Cancel
Save