Added a custom SSLSocketFactory for enabling TLS1.2 on Android API < 20.
How
Android API >= 20 already has TLS1.2 enabled by default. API level 19 has it available but not enabled. On older versions of Android it is possible for users to workaround this, for example by configuring the HttpsUrlConnection.setDefaultSocketFactory or similar. However, we can check the API version and set the socket factory for each HttpConnection automatically so that older versions of Android work without any user required changes.
Added Android version and TLS support checks as well as a TLSv1.2 only SSLSocketFactory to enable on older versions.
Moved default interceptors into CouchClient from ReplicatorBuilder.
Testing
Updated HttpTest that called HttpConnection directly to consume default interceptors.
Refactored HttpTest slightly to simplify interceptor addition.
Updated replication tests for new assertions, due to interceptor move to CouchClient and interceptor "sizes".
Existing tests pass.
Manually tested on API 19 emulator against TLS1.2 only Cloudant.
CI tests run against API >= 20, so don't regularly check this. We could consider an extra branch of testing using the emulator at API level 19.
Thanks for your hard work, please ensure all items are complete before opening.
What
Added a custom
SSLSocketFactory
for enabling TLS1.2 on Android API < 20.How
Android API >= 20 already has TLS1.2 enabled by default. API level 19 has it available but not enabled. On older versions of Android it is possible for users to workaround this, for example by configuring the
HttpsUrlConnection.setDefaultSocketFactory
or similar. However, we can check the API version and set the socket factory for eachHttpConnection
automatically so that older versions of Android work without any user required changes.SSLSocketFactory
to enable on older versions.CouchClient
fromReplicatorBuilder
.Testing
HttpTest
that calledHttpConnection
directly to consume default interceptors.HttpTest
slightly to simplify interceptor addition.CouchClient
and interceptor "sizes".Existing tests pass. Manually tested on API 19 emulator against TLS1.2 only Cloudant. CI tests run against API >= 20, so don't regularly check this. We could consider an extra branch of testing using the emulator at API level 19.
Issues
N/A