fix?

Author: xj

app/build.gradle

@@ -10,7 +10,7 @@ android {
 
     defaultConfig {
         applicationId "com.xjs.ehviewer"
-        minSdkVersion 23
+        minSdkVersion 16
         targetSdkVersion 28
         versionCode 107
         versionName "1.7.6.09"
@@ -73,7 +73,8 @@ dependencies {
     implementation 'androidx.cardview:cardview:1.0.0'
 
     implementation 'com.google.android.material:material:1.0.0'
-    implementation 'com.google.firebase:firebase-core:16.0.9'
+//    implementation 'com.google.firebase:firebase-core:16.0.9'
+    implementation 'com.google.firebase:firebase-analytics:17.4.1'
     //noinspection OutdatedLibrary
     implementation 'com.crashlytics.sdk.android:crashlytics:2.10.1'
     implementation 'com.getkeepsafe.relinker:relinker:1.3.1'

app/src/main/java/com/hippo/ehviewer/EhApplication.java

@@ -25,7 +25,9 @@
 import android.content.ServiceConnection;
 import android.content.pm.PackageInfo;
 import android.content.pm.PackageManager;
+import android.net.SSLCertificateSocketFactory;
 import android.os.AsyncTask;
+import android.os.Build;
 import android.os.Debug;
 import android.util.Log;
 import androidx.annotation.NonNull;
@@ -48,6 +50,7 @@
 import com.hippo.image.Image;
 import com.hippo.image.ImageBitmap;
 import com.hippo.network.StatusCodeException;
+import com.hippo.network.Tls12SocketFactory;
 import com.hippo.text.Html;
 import com.hippo.unifile.UniFile;
 import com.hippo.util.BitmapUtils;
@@ -65,8 +68,12 @@
 import java.util.List;
 import java.util.concurrent.TimeUnit;
 
+import javax.net.ssl.SSLContext;
+
 import okhttp3.Cache;
+import okhttp3.ConnectionSpec;
 import okhttp3.OkHttpClient;
+import okhttp3.TlsVersion;
 
 public class EhApplication extends RecordingApplication {
 
@@ -303,14 +310,17 @@ public static EhProxySelector getEhProxySelector(@NonNull Context context) {
     public static OkHttpClient getOkHttpClient(@NonNull Context context) {
         EhApplication application = ((EhApplication) context.getApplicationContext());
         if (application.mOkHttpClient == null) {
-            application.mOkHttpClient = new OkHttpClient.Builder()
+            application.mOkHttpClient = enableTls120nPreLollipop(new OkHttpClient.Builder()
+                    .followRedirects(true)
+                    .followSslRedirects(true)
+                    .retryOnConnectionFailure(true)
                     .connectTimeout(10, TimeUnit.SECONDS)
                     .readTimeout(10, TimeUnit.SECONDS)
                     .writeTimeout(10, TimeUnit.SECONDS)
                     .cookieJar(getEhCookieStore(application))
                     .dns(new EhDns(application))
                     .proxySelector(getEhProxySelector(application))
-                    .build();
+                    ).build();
         }
         return application.mOkHttpClient;
     }
@@ -471,4 +481,30 @@ public void unbindService(ServiceConnection conn) {
             ExceptionUtils.throwIfFatal(t);
         }
     }
+
+    public static OkHttpClient.Builder enableTls120nPreLollipop(OkHttpClient.Builder client){
+        //
+        if (Build.VERSION.SDK_INT >= 16 && Build.VERSION.SDK_INT <= 22){
+            try{
+                SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
+                sslContext.init(null,null,null);
+                client.sslSocketFactory(new Tls12SocketFactory(sslContext.getSocketFactory()));
+
+                ConnectionSpec cs = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
+                        .tlsVersions(TlsVersion.TLS_1_2)
+                        .build();
+
+                List<ConnectionSpec> specs = new ArrayList<>();
+                specs.add(cs);
+                specs.add(ConnectionSpec.COMPATIBLE_TLS);
+                specs.add(ConnectionSpec.CLEARTEXT);
+
+                client.connectionSpecs(specs);
+            }catch (Exception exc){
+                Log.e("OkHttpTLSCompat","Error while setting TLS 1.2", exc);
+            }
+        }
+
+        return client;
+    }
 }

app/src/main/java/com/hippo/network/Tls12SocketFactory.java

@@ -0,0 +1,68 @@
+package com.hippo.network;
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+
+/**
+ * Enables TLS v1.2 when creating SSLSockets.
+ * <p/>
+ * For some reason, android supports TLS v1.2 from API 16, but enables it by
+ * default only from API 20.
+ * @link https://developer.android.com/reference/javax/net/ssl/SSLSocket.html
+ * @see SSLSocketFactory
+ */
+public class Tls12SocketFactory extends SSLSocketFactory {
+    private static final String[] TLS_V12_ONLY = {"TLSv1.2"};
+
+    final SSLSocketFactory delegate;
+
+    public Tls12SocketFactory(SSLSocketFactory base) {
+        this.delegate = base;
+    }
+
+    @Override
+    public String[] getDefaultCipherSuites() {
+        return delegate.getDefaultCipherSuites();
+    }
+
+    @Override
+    public String[] getSupportedCipherSuites() {
+        return delegate.getSupportedCipherSuites();
+    }
+
+    @Override
+    public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
+        return patch(delegate.createSocket(s, host, port, autoClose));
+    }
+
+    @Override
+    public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
+        return patch(delegate.createSocket(host, port));
+    }
+
+    @Override
+    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
+        return patch(delegate.createSocket(host, port, localHost, localPort));
+    }
+
+    @Override
+    public Socket createSocket(InetAddress host, int port) throws IOException {
+        return patch(delegate.createSocket(host, port));
+    }
+
+    @Override
+    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
+        return patch(delegate.createSocket(address, port, localAddress, localPort));
+    }
+
+    private Socket patch(Socket s) {
+        if (s instanceof SSLSocket) {
+            ((SSLSocket) s).setEnabledProtocols(TLS_V12_ONLY);
+        }
+        return s;
+    }
+}

build.gradle

@@ -9,7 +9,8 @@ buildscript {
     }
     dependencies {
         classpath 'com.android.tools.build:gradle:4.0.0'
-        classpath 'com.google.gms:google-services:4.3.0'
+//        classpath 'com.google.gms:google-services:4.3.0'
+        classpath 'com.google.gms:google-services:4.3.3'
         classpath 'io.fabric.tools:gradle:1.28.0'
 
         // NOTE: Do not place your application dependencies here; they belong