Bug: 476863 - Android Service is limited to SSL 3.0

jpwsutton · jpwsutton · commit 450c508747cd · 2015-11-26T15:11:17.000Z
I've set the SSL/TLS version to TLSv1. This is an immediate improvement over the very insecure SSLv1 that was previously allowed.
This should allow TLSv1 TLSV1.1 and TLSv1.2
Signed-off-by: James Sutton &lt;james.sutton@uk.ibm.com&gt;
diff --git a/org.eclipse.paho.android.service/org.eclipse.paho.android.service/src/main/java/org/eclipse/paho/android/service/MqttAndroidClient.java b/org.eclipse.paho.android.service/org.eclipse.paho.android.service/src/main/java/org/eclipse/paho/android/service/MqttAndroidClient.java
@@ -1667,7 +1667,7 @@ public SSLSocketFactory getSSLSocketFactory (InputStream keyStore, String passwo
 		 TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
 		 tmf.init(ts);
 		 TrustManager[] tm = tmf.getTrustManagers();
-		 ctx = SSLContext.getInstance("SSL");
+		 ctx = SSLContext.getInstance("TLSv1");
 		 ctx.init(null, tm, null);
 		 
 		 sslSockFactory=ctx.getSocketFactory();
