search

microg / GmsCore

Free implementation of Play Services
https://microg.org
Apache License 2.0
8.61k stars 1.73k forks source link

TLS 1.2 on KitKat and earlier #2070

Open Lost-Entrepreneur439 opened 1 year ago

Lost-Entrepreneur439 commented 1 year ago

Is your feature request related to a problem? Please describe. I will start this off by saying I am not an expert with how Android and GMS work, so I probably can't explain this in the most in-depth way, but basically on Android KitKat and earlier, you had to explicitly enable TLS above 1.0, however the way you enabled it in Android didn't work with some non-AOSP devices, so GMS provided a TLS 1.2 implementation, and most apps used GMS's implementation, and this is when the issue starts, because microG doesn't have this, on devices without GMS running KitKat and earlier, most apps that require TLS 1.2 won't work, an example of this being Discord, it requires TLS 1.2, so when you try to sign in on a device running Jellybean or KitKat, it just shows a loading icon for a few seconds then goes back to the login screen. This explains more of it in further detail - https://quizlet.com/blog/working-with-tls-1-2-on-android-4-4-and-lower

Describe the solution you'd like I'd like to see GMS's TLS 1.2 implementation for older devices implemented into microG if possible.

Describe alternatives you've considered I've considered just giving up and flashing GApps on the phone I used to discover all of this (which is a Motorola Milestone 3 running Android 4.2.1 Jellybean), however this phone never went past Gingerbread officially, so it's pretty low end for a Jellybean device, and while it runs fine on stock CyanogenMod 10.1, with GApps, the phone's performance completely dies, and the phone becomes unusably slow, unable to even open most apps.

mar-v-in commented 1 year ago

microG has support for the ProviderInstaller feature and includes a recent version of Conscrypt that should allow to use TLS 1.2.

Which version of microG are you using?

ale5000-git commented 1 year ago

My PR has fixed the main part of Conscrypt (on Kitkat and lower) but I wasn't able to fix it completely. Probably the part that enable TLS 1.2 by default is still not working. Currently my main PC is broken so I cannot do too much.

Lost-Entrepreneur439 commented 1 year ago

microG has support for the ProviderInstaller feature and includes a recent version of Conscrypt that should allow to use TLS 1.2.

Which version of microG are you using?

I'm on latest, but I can't use anything that requires TLS 1.2.