SSLSocket: track update to TLS defaults
SSLv3 is no longer in the default list.
Bug: 17136008
Change-Id: I4092e17f79c29d10d11ffe01d130d0d03cd2215f
diff --git a/support/src/test/java/libcore/java/security/StandardNames.java b/support/src/test/java/libcore/java/security/StandardNames.java
index ff6128e..c28a841 100644
--- a/support/src/test/java/libcore/java/security/StandardNames.java
+++ b/support/src/test/java/libcore/java/security/StandardNames.java
@@ -559,10 +559,10 @@
} else {
provideSslContextEnabledProtocols("SSL", TLSVersion.SSLv3, TLSVersion.TLSv12);
provideSslContextEnabledProtocols("SSLv3", TLSVersion.SSLv3, TLSVersion.TLSv12);
- provideSslContextEnabledProtocols("TLS", TLSVersion.SSLv3, TLSVersion.TLSv12);
- provideSslContextEnabledProtocols("TLSv1", TLSVersion.SSLv3, TLSVersion.TLSv12);
- provideSslContextEnabledProtocols("TLSv1.1", TLSVersion.SSLv3, TLSVersion.TLSv12);
- provideSslContextEnabledProtocols("TLSv1.2", TLSVersion.SSLv3, TLSVersion.TLSv12);
+ provideSslContextEnabledProtocols("TLS", TLSVersion.TLSv1, TLSVersion.TLSv12);
+ provideSslContextEnabledProtocols("TLSv1", TLSVersion.TLSv1, TLSVersion.TLSv12);
+ provideSslContextEnabledProtocols("TLSv1.1", TLSVersion.TLSv1, TLSVersion.TLSv12);
+ provideSslContextEnabledProtocols("TLSv1.2", TLSVersion.TLSv1, TLSVersion.TLSv12);
}
}
@@ -602,13 +602,11 @@
"TLSv1.2"));
public static final Set<String> SSL_SOCKET_PROTOCOLS_CLIENT_DEFAULT =
new HashSet<String>(Arrays.asList(
- "SSLv3",
"TLSv1",
"TLSv1.1",
"TLSv1.2"));
public static final Set<String> SSL_SOCKET_PROTOCOLS_SERVER_DEFAULT =
new HashSet<String>(Arrays.asList(
- "SSLv3",
"TLSv1",
"TLSv1.1",
"TLSv1.2"));
@@ -621,6 +619,10 @@
* do to disable general use of SSLv2.
*/
SSL_SOCKET_PROTOCOLS.add("SSLv2Hello");
+
+ /* The RI still has SSLv3 as a default protocol. */
+ SSL_SOCKET_PROTOCOLS_CLIENT_DEFAULT.add("SSLv3");
+ SSL_SOCKET_PROTOCOLS_SERVER_DEFAULT.add("SSLv3");
}
}