OkHttpClientProvider for Android 4 does not support TLSv1

[PaulVanStaden]

Description

Correctly functioning behaviour.

In Android v5 and upwards when using the standard OkHttpClientProvider it uses OkHttpClient.Builder() to determine the connectionSpecs. This returns a default

DEFAULT_CONNECTION_SPECS = Util.immutableList(
      ConnectionSpec.MODERN_TLS, ConnectionSpec.COMPATIBLE_TLS, ConnectionSpec.CLEARTEXT);

Inconsistent behaviour

For Android SDK Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN && Build.VERSION.SDK_INT <= Build.VERSION_CODES.KITKAT it goes into a custom enableTls12OnPreLollipop codeblock that specifically only implements ConnectionSpec.MODERN_TLS

This results that connections using TLSv1 will not work on Android 4.

Reproduction Steps and Sample Code

0. Run an emulator on API 16.
1. Try a SSL network request to a SSL server only accepting TLSv1
2. Fail network request due to the following error

javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb9561090: Failure in SSL library, usually a protocol error
error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol (external/openssl/ssl/s23_clnt.c:714 0x9e0fd925:0x00000000)

Solution

Will Add pull request.
Added #14245

in com.facebook.react.modules.network.TLSSocketFactory replace

private Socket enableTLSOnSocket(Socket socket) {
        if(socket != null && (socket instanceof SSLSocket)) {
            ((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"});
        }
        return socket;
    }

with

private Socket enableTLSOnSocket(Socket socket) {
        if(socket != null && (socket instanceof SSLSocket)) {
            ((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1","TLSv1.1", "TLSv1.2"});
        }
        return socket;
    }

Additional Information

• React Native version: v0.45.0-rc.2
• Platform: Android
• Development Operating System: OSX and Windows
• Dev tools: Android Studio version, Android SDK 25

[hramos]

Hi there! This issue is being closed because it has been inactive for a while. Maybe the issue has been fixed in a recent release, or perhaps it is not affecting a lot of people. Either way, we're automatically closing issues after a period of inactivity. Please do not take it personally!

If you think this issue should definitely remain open, please let us know. The following information is helpful when it comes to determining if the issue should be re-opened:

• Does the issue still reproduce on the latest release candidate? Post a comment with the version you tested.
• If so, is there any information missing from the bug report? Post a comment with all the information required by the issue template.
• Is there a pull request that addresses this issue? Post a comment with the PR number so we can follow up.

If you would like to work on a patch to fix the issue, contributions are very welcome! Read through the contribution guide, and feel free to hop into #react-native if you need help planning your contribution.

[8of]

Reoccured on React Native 0.56.0

[sijad]

any news on this one? we can't use cloudflare CDN because of this bug.

[stale]

Hey there, it looks like there has been no activity on this issue recently. Has the issue been fixed, or does it still require the community's attention? This issue may be closed if no further activity occurs. You may also label this issue as "For Discussion" or "Good first issue" and I will leave it open. Thank you for your contributions.

[sijad]

I think this should kept open

[lahed]

Some solution, the same thing happens to me, since 0.56.0 it stopped working