-
Notifications
You must be signed in to change notification settings - Fork 24.4k
New issue
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
use Conscrypt as security provider if available #23984
Conversation
@hey99xx please review |
I think react-native shouldn't include TLS 1.3 support by default because:
|
I agree with @sercand . Maybe not a good time to add this. We can add docs to instruct developer how to enable TLS 1.3 in react native. |
Intention was to fix TLS on Android 4.x, and got TLS 1.3 as a bonus.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should probably add some documentation for this somewhere.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@cpojer is landing this pull request. If you are a Facebook employee, you can view this diff on Phabricator.
This pull request was successfully merged by @dulmandakh in 75af15e. When will my fix make it into a release? | Upcoming Releases |
Summary: This PR adds support to use Conscrypt as Security Provider if available runtime. Consscrypt supports TLS 1.2 on Android 4.x and TLS 1.3 on all Android versions. Fixes issues (ex #23151) with HTTPS connections on Android 4.x. Just add below to your project build.gradle and it'll use it. ```gradle implementation('org.conscrypt:conscrypt-android:2.0.0') ``` [Android] [Changed] - Add TLS 1.3 support to all Android versions using Conscrypt. Pull Request resolved: #23984 Differential Revision: D14506000 Pulled By: cpojer fbshipit-source-id: 58bf18f7203d20519fb4451bae83f01e2f020a44
for anyone not resolved |
Summary: When I updated the server to Ubuntu 20, this switched us over to [requiring TLS 1.2](https://discourse.ubuntu.com/t/default-to-tls-v1-2-in-all-tls-libraries-in-20-04-lts/12464). However, Android 4 doesn't have support for TLS 1.2, which means we weren't able to connect to the server. Luckily, [there's a way](facebook/react-native#23984) to use a third-party lib for TLS 1.2 (and TLS 1.3) support in React Native. Test Plan: Make sure Android 4.4 client can connect to server Reviewers: palys-swm Reviewed By: palys-swm Subscribers: KatPo, zrebcu411, Adrian Differential Revision: https://phabricator.ashoat.com/D333
Summary
This PR adds support to use Conscrypt as Security Provider if available runtime. Consscrypt supports TLS 1.2 on Android 4.x and TLS 1.3 on all Android versions. Fixes issues (ex #23151) with HTTPS connections on Android 4.x.
Just add below to your project build.gradle and it'll use it.
implementation('org.conscrypt:conscrypt-android:2.0.0')
Workaround
Please copy and paste below code in onCreate method of MyApplication.java
Changelog
[Android] [Changed] - Add TLS 1.3 support to all Android versions using Conscrypt.
Test Plan
CI is green and TLS 1.2 connections work on Android,