charlag
commented
7 years ago Oh, sorry, we'be tried to ship our own TLS and it didn't end well https://github.com/Vavassor/Tusky/issues/46 I feel you but I'm not sure about this.
Closed Miaourt closed 6 years ago
charlag
commented
7 years ago Oh, sorry, we'be tried to ship our own TLS and it didn't end well https://github.com/Vavassor/Tusky/issues/46 I feel you but I'm not sure about this.
Miaourt
commented
7 years ago There is no need to ship custom TLS as you can read, simply to force android to give the access :)
charlag
commented
7 years ago @Technowix ah, sorry, I didn't pay enough attention. Cool then, worth trying, I guess. Thank you.
connyduck
commented
7 years ago Yes, we should give this a try. But we need to be careful to not change the Tls fix for Nougat we already have in place.
Vavassor
commented
7 years ago This should already be implemented in OkHttpUtils.java. The class SSLSocketFactoryCompat at the bottom, is pretty much the example linked, right?
connyduck
commented
7 years ago Yes indeed, thx for the hint @Vavassor. Do we know a instance with TLS 1.2 only so we can test it?
Miaourt
commented
7 years ago Just tried with someone having 4.2 and, no, not working :v mstdn.io have only TLSv1.2
connyduck
commented
6 years ago Sorry, but we will not put in any more time to investigate Android 4 issues. See https://github.com/Vavassor/Tusky/issues/476
Rightnow, I'm keeping TLSv1.0 on my instance since there isn't any mobile client that support TLSv1.1 nor 1.2 on android 4.1 to 4.3 (fixed in 4.4) It doesn't seem to be that hard for Tusky to support TLS 1.1/1.2 on thoses android versions, but I can be wrong : https://blog.dev-area.net/2015/08/13/android-4-1-enable-tls-1-1-and-tls-1-2/