From 503237087ffc5585876dfdb96ef167960bef0f15 Mon Sep 17 00:00:00 2001
From: Sam Whited <sam@samwhited.com>
Date: Sat, 17 Jan 2015 13:40:15 -0500
Subject: [PATCH] Remove legacy SSL support

---
 .gitignore                                    |  1 +
 .../conversations/xmpp/XmppConnection.java    | 26 ++++++++-----------
 src/main/res/values-cs/strings.xml            |  1 -
 src/main/res/values-de/strings.xml            |  1 -
 src/main/res/values-es/strings.xml            |  1 -
 src/main/res/values-eu/strings.xml            |  1 -
 src/main/res/values-fr/strings.xml            |  1 -
 src/main/res/values-it/strings.xml            |  1 -
 src/main/res/values-nl/strings.xml            |  1 -
 src/main/res/values-sv/strings.xml            |  1 -
 src/main/res/values/strings.xml               |  2 --
 src/main/res/xml/preferences.xml              |  5 ----
 12 files changed, 12 insertions(+), 30 deletions(-)

diff --git a/.gitignore b/.gitignore
index 5b49283530782b7e1d7fc617692bf001651967f9..7ddfcc0d3c7bf1e6988105f079e23424161d7d08 100644
--- a/.gitignore
+++ b/.gitignore
@@ -36,3 +36,4 @@ proguard/
 .idea
 
 import-summary.txt
+.navigation/
diff --git a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
index 6424b1d5c2ee06f31a8fd206f3cda01600cc3e4c..c16ac32bd9bc5c93afcfa106cb2d4514114a7d6b 100644
--- a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
+++ b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
@@ -507,23 +507,19 @@ public class XmppConnection implements Runnable {
 			}
 
 			final String[] supportProtocols;
-			if (enableLegacySSL()) {
-				supportProtocols = sslSocket.getSupportedProtocols();
-			} else {
-				final Collection<String> supportedProtocols = new LinkedList<>(
-						Arrays.asList(sslSocket.getSupportedProtocols()));
-				supportedProtocols.remove("SSLv3");
-				supportProtocols = new String[supportedProtocols.size()];
-				supportedProtocols.toArray(supportProtocols);
-
-				final String[] cipherSuites = CryptoHelper.getSupportedCipherSuites(
-						sslSocket.getSupportedCipherSuites());
-				if (cipherSuites.length > 0) {
-					sslSocket.setEnabledCipherSuites(cipherSuites);
-				}
-			}
+			final Collection<String> supportedProtocols = new LinkedList<>(
+					Arrays.asList(sslSocket.getSupportedProtocols()));
+			supportedProtocols.remove("SSLv3");
+			supportProtocols = supportedProtocols.toArray(new String[supportedProtocols.size()]);
+
 			sslSocket.setEnabledProtocols(supportProtocols);
 
+			final String[] cipherSuites = CryptoHelper.getSupportedCipherSuites(
+					sslSocket.getSupportedCipherSuites());
+			if (cipherSuites.length > 0) {
+				sslSocket.setEnabledCipherSuites(cipherSuites);
+			}
+
 			if (!verifier.verify(account.getServer().getDomainpart(),sslSocket.getSession())) {
 				Log.d(Config.LOGTAG,account.getJid().toBareJid()+": TLS certificate verification failed");
 				disconnect(true);
diff --git a/src/main/res/values-cs/strings.xml b/src/main/res/values-cs/strings.xml
index 77b169f20fe2adcd1943a5f664cacb570ed067dd..f05020b793a8841895599ef3a3854d0a41860380 100644
--- a/src/main/res/values-cs/strings.xml
+++ b/src/main/res/values-cs/strings.xml
@@ -267,7 +267,6 @@
   <string name="pref_force_encryption_summary">Vždy zasílat šifrované zprávy (mimo konference)</string>
   <string name="pref_dont_save_encrypted">Neukládat šifrované zprávy</string>
   <string name="pref_dont_save_encrypted_summary">Varování: Toto může vést ke ztrátě zpráv</string>
-  <string name="pref_enable_legacy_ssl">Povolit zastaralé SSL</string>
   <string name="pref_expert_options">Expertní nastavení</string>
   <string name="pref_expert_options_summary">S tímto zacházejte velmi opatrně</string>
   <string name="title_activity_about">O aplikaci Conversations</string>
diff --git a/src/main/res/values-de/strings.xml b/src/main/res/values-de/strings.xml
index 60596bf8053976b44e693307291a96551d45f2d1..eb9d5dd5f4c9650ee02664d990d54d3b49dd122e 100644
--- a/src/main/res/values-de/strings.xml
+++ b/src/main/res/values-de/strings.xml
@@ -267,7 +267,6 @@
   <string name="pref_force_encryption_summary">Nachrichten immer verschlüsseln (außer für Konferenzen)</string>
   <string name="pref_dont_save_encrypted">Verschlüsselte Nachrichten nicht speichern</string>
   <string name="pref_dont_save_encrypted_summary">Achtung: kann zu Nachrichtenverlust führen</string>
-  <string name="pref_enable_legacy_ssl">Alte SSL-Version aktivieren</string>
   <string name="pref_expert_options">Einstellungen für Experten</string>
   <string name="pref_expert_options_summary">Hier bitte vorsichtig sein</string>
   <string name="title_activity_about">Über Conversations</string>
diff --git a/src/main/res/values-es/strings.xml b/src/main/res/values-es/strings.xml
index efc51dd955d71b8a65123473505332defa309161..7a20341d1ecc493bfa30ddf01552472cd76f1ce7 100644
--- a/src/main/res/values-es/strings.xml
+++ b/src/main/res/values-es/strings.xml
@@ -267,7 +267,6 @@
   <string name="pref_force_encryption_summary">Siempre enviar mensajes cifrados (excepto para conversaciones en grupo)</string>
   <string name="pref_dont_save_encrypted">No guardar mensajes cifrados</string>
   <string name="pref_dont_save_encrypted_summary">Aviso: Esto podría llevar a pérdida de mensajes</string>
-  <string name="pref_enable_legacy_ssl">Habilitar SSL heredado</string>
   <string name="pref_expert_options">Ajustes avanzados</string>
   <string name="pref_expert_options_summary">Por favor, cuidado con estas opciones</string>
   <string name="title_activity_about">Acerca de Conversations</string>
diff --git a/src/main/res/values-eu/strings.xml b/src/main/res/values-eu/strings.xml
index fa22ddb3165985fe7bfc18fdc8809cb4c0a897b3..5e325695465477416314ebbdca8d65e7d8859a3d 100644
--- a/src/main/res/values-eu/strings.xml
+++ b/src/main/res/values-eu/strings.xml
@@ -267,7 +267,6 @@
   <string name="pref_force_encryption_summary">Mezuak beti enkriptatuta bidali (konferentzietan izan ezik)</string>
   <string name="pref_dont_save_encrypted">Ez gorde enkriptatutako mezuak</string>
   <string name="pref_dont_save_encrypted_summary">Adi: Honek mezuen galera ekar lezake</string>
-  <string name="pref_enable_legacy_ssl">Oinordetutako SSL gaitu</string>
   <string name="pref_expert_options">Adituentzako aukerak</string>
   <string name="pref_expert_options_summary">Mesedez kontuz ibili hauekin</string>
   <string name="title_activity_about">Conversationsi buruz</string>
diff --git a/src/main/res/values-fr/strings.xml b/src/main/res/values-fr/strings.xml
index e9b09b7d23edfcbe0e689115a1c68d358861dfdc..7767fb606e74cce34830171535faca41062e8bd7 100644
--- a/src/main/res/values-fr/strings.xml
+++ b/src/main/res/values-fr/strings.xml
@@ -267,7 +267,6 @@
   <string name="pref_force_encryption_summary">Toujours envoyer des messages chiffrés (sauf pour les conférences)</string>
   <string name="pref_dont_save_encrypted">Ne pas sauvegarder les messages chiffrés</string>
   <string name="pref_dont_save_encrypted_summary">Attention: Celà peut mener à une perte de messages</string>
-  <string name="pref_enable_legacy_ssl">Activer SSL hérité</string>
   <string name="pref_expert_options">Options avancées</string>
   <string name="pref_expert_options_summary">A utiliser avec précautions</string>
   <string name="title_activity_about">Sur Conversations</string>
diff --git a/src/main/res/values-it/strings.xml b/src/main/res/values-it/strings.xml
index 0e659e458102dcb91694144ad7a3f629fdd39151..e733dff8541bac9d6a42a76a81d72058465480a1 100644
--- a/src/main/res/values-it/strings.xml
+++ b/src/main/res/values-it/strings.xml
@@ -267,7 +267,6 @@
   <string name="pref_force_encryption_summary">Manda sempre messaggi cifrati (ad eccezione delle conferenze)</string>
   <string name="pref_dont_save_encrypted">Non salvare i messaggi cifrati</string>
   <string name="pref_dont_save_encrypted_summary">Attenzione: Questo potrebbe comportare la perdita di messaggi</string>
-  <string name="pref_enable_legacy_ssl">Abilita il vecchio SSL</string>
   <string name="pref_expert_options">Opzioni da Esperto</string>
   <string name="pref_expert_options_summary">Fai attenzione con queste impostazioni</string>
   <string name="title_activity_about">Info su Conversations</string>
diff --git a/src/main/res/values-nl/strings.xml b/src/main/res/values-nl/strings.xml
index bd347bff56daff66e3f58dfacf491870044c73a6..540914dd40edd83ccbbbd5d6a396cf7e7a539741 100644
--- a/src/main/res/values-nl/strings.xml
+++ b/src/main/res/values-nl/strings.xml
@@ -267,7 +267,6 @@
   <string name="pref_force_encryption_summary">Stuur berichten altijd versleuteld (behalve in groepsgesprekken)</string>
   <string name="pref_dont_save_encrypted">Sla versleutelde berichten niet op</string>
   <string name="pref_dont_save_encrypted_summary"><b>Waarschuwing:</b> Dit kan leiden tot verlies van berichten</string>
-  <string name="pref_enable_legacy_ssl">Sta legacy SSL toe</string>
   <string name="pref_expert_options">Expert-instellingen</string>
   <string name="pref_expert_options_summary">Wees voorzichtig met deze instellingen</string>
   <string name="title_activity_about">Over Conversations</string>
diff --git a/src/main/res/values-sv/strings.xml b/src/main/res/values-sv/strings.xml
index f7bcd5b5a8c750fb1be9ddf55bd2644884f85e15..79a8656b31097c1813417affac77f38b54889b20 100644
--- a/src/main/res/values-sv/strings.xml
+++ b/src/main/res/values-sv/strings.xml
@@ -267,7 +267,6 @@
   <string name="pref_force_encryption_summary">Sänd alltid krypterade meddelanden (utom för konferenser)</string>
   <string name="pref_dont_save_encrypted">Spara in krypterade meddelanden</string>
   <string name="pref_dont_save_encrypted_summary">Varning: Detta kan leda till att meddelanden förloras</string>
-  <string name="pref_enable_legacy_ssl">Aktivera förlegad SSL</string>
   <string name="pref_expert_options">Expertinställningar</string>
   <string name="pref_expert_options_summary">Var försiktig med dem</string>
   <string name="title_activity_about">Om Conversations</string>
diff --git a/src/main/res/values/strings.xml b/src/main/res/values/strings.xml
index 2dac29da81d2f775a16735ab25ed5302a72a1975..dc4c1bdbb2a31e8ea9331f2434fd8ea8e7428328 100644
--- a/src/main/res/values/strings.xml
+++ b/src/main/res/values/strings.xml
@@ -269,8 +269,6 @@
     <string name="pref_force_encryption_summary">Always send messages encrypted (except for conferences)</string>
     <string name="pref_dont_save_encrypted">Don’t save encrypted messages</string>
     <string name="pref_dont_save_encrypted_summary">Warning: This could lead to message loss</string>
-    <string name="pref_enable_legacy_ssl">Enable legacy SSL</string>
-    <string name="pref_enable_legacy_ssl_summary">Enables legacy SSLv3 support and insecure SSL ciphers.</string>
     <string name="pref_expert_options">Expert options</string>
     <string name="pref_expert_options_summary">Please be careful with these</string>
     <string name="title_activity_about">About Conversations</string>
diff --git a/src/main/res/xml/preferences.xml b/src/main/res/xml/preferences.xml
index 2ff6800b938bdcd9daf7f45372f3a536cdcfaec6..7c92530f259dfac88498538531a0e0e38c615249 100644
--- a/src/main/res/xml/preferences.xml
+++ b/src/main/res/xml/preferences.xml
@@ -116,11 +116,6 @@
                     android:key="dont_save_encrypted"
                     android:summary="@string/pref_dont_save_encrypted_summary"
                     android:title="@string/pref_dont_save_encrypted" />
-                <CheckBoxPreference
-                    android:defaultValue="false"
-                    android:key="enable_legacy_ssl"
-                    android:summary="@string/pref_enable_legacy_ssl_summary"
-                    android:title="@string/pref_enable_legacy_ssl" />
             </PreferenceCategory>
 	        <PreferenceCategory android:title="@string/pref_input_options">
 		        <CheckBoxPreference