use Conscrypt as security provider if available #23984
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
facebook-github-bot
added
CLA Signed
|
@hey99xx please review |
|
I think react-native shouldn't include TLS 1.3 support by default because:
|
|
I agree with @sercand . Maybe not a good time to add this. We can add docs to instruct developer how to enable TLS 1.3 in react native. |
|
Intention was to fix TLS on Android 4.x, and got TLS 1.3 as a bonus.
|
dulmandakh
changed the title
cpojer
approved these changes
Mar 18, 2019
facebook-github-bot
approved these changes
Mar 18, 2019
There was a problem hiding this comment.
@cpojer is landing this pull request. If you are a Facebook employee, you can view this diff on Phabricator.
|
This pull request was successfully merged by @dulmandakh in 75af15e. When will my fix make it into a release? | Upcoming Releases |
This was referenced Mar 19, 2019
grabbou
pushed a commit
that referenced
this pull request
Mar 22, 2019
Summary: This PR adds support to use Conscrypt as Security Provider if available runtime. Consscrypt supports TLS 1.2 on Android 4.x and TLS 1.3 on all Android versions. Fixes issues (ex #23151) with HTTPS connections on Android 4.x. Just add below to your project build.gradle and it'll use it. ```gradle implementation('org.conscrypt:conscrypt-android:2.0.0') ``` [Android] [Changed] - Add TLS 1.3 support to all Android versions using Conscrypt. Pull Request resolved: #23984 Differential Revision: D14506000 Pulled By: cpojer fbshipit-source-id: 58bf18f7203d20519fb4451bae83f01e2f020a44
|
for anyone not resolved |
Ashoat
added a commit
to CommE2E/comm
that referenced
this pull request
Oct 28, 2020
Summary: When I updated the server to Ubuntu 20, this switched us over to [requiring TLS 1.2](https://discourse.ubuntu.com/t/default-to-tls-v1-2-in-all-tls-libraries-in-20-04-lts/12464). However, Android 4 doesn't have support for TLS 1.2, which means we weren't able to connect to the server. Luckily, [there's a way](facebook/react-native#23984) to use a third-party lib for TLS 1.2 (and TLS 1.3) support in React Native. Test Plan: Make sure Android 4.4 client can connect to server Reviewers: palys-swm Reviewed By: palys-swm Subscribers: KatPo, zrebcu411, Adrian Differential Revision: https://phabricator.ashoat.com/D333
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds support to use Conscrypt as Security Provider if available runtime. Consscrypt supports TLS 1.2 on Android 4.x and TLS 1.3 on all Android versions. Fixes issues (ex #23151) with HTTPS connections on Android 4.x.
Just add below to your project build.gradle and it'll use it.
implementation('org.conscrypt:conscrypt-android:2.0.0')Workaround
Please copy and paste below code in onCreate method of MyApplication.java
Changelog
[Android] [Changed] - Add TLS 1.3 support to all Android versions using Conscrypt.
Test Plan
CI is green and TLS 1.2 connections work on Android,