diff --git a/README.md b/README.md index 55e6f102..3d114f51 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ [![License: MPLv2](https://img.shields.io/badge/License-MPLv2-blue.svg)](https://opensource.org/licenses/MPL-2.0) - + # Major enhancements in this fork are: - Individual sync conditions can be applied per device and per folder (for expert users). diff --git a/app/build.gradle b/app/build.gradle index 1a7c51e3..71c0a2d3 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -37,8 +37,8 @@ android { applicationId "com.github.catfriend1.syncthingandroid" minSdkVersion 16 targetSdkVersion 26 - versionCode 4180 - versionName "0.14.54.1" + versionCode 4181 + versionName "0.14.54.2" testApplicationId 'com.github.catfriend1.syncthingandroid.test' testInstrumentationRunner 'android.support.test.runner.AndroidJUnitRunner' playAccountConfig = playAccountConfigs.defaultAccountConfig diff --git a/app/src/main/java/com/nutomic/syncthingandroid/http/ApiRequest.java b/app/src/main/java/com/nutomic/syncthingandroid/http/ApiRequest.java index 9c54dcf5..23b67b54 100644 --- a/app/src/main/java/com/nutomic/syncthingandroid/http/ApiRequest.java +++ b/app/src/main/java/com/nutomic/syncthingandroid/http/ApiRequest.java @@ -157,9 +157,12 @@ public abstract class ApiRequest { } @Override protected HttpURLConnection createConnection(URL url) throws IOException { - HttpsURLConnection connection = (HttpsURLConnection) super.createConnection(url); - connection.setHostnameVerifier((hostname, session) -> true); - return connection; + if (mUrl.toString().startsWith("https://")) { + HttpsURLConnection connection = (HttpsURLConnection) super.createConnection(url); + connection.setHostnameVerifier((hostname, session) -> true); + return connection; + } + return super.createConnection(url); } } diff --git a/app/src/main/java/com/nutomic/syncthingandroid/service/Constants.java b/app/src/main/java/com/nutomic/syncthingandroid/service/Constants.java index f59d0a03..7235d69d 100644 --- a/app/src/main/java/com/nutomic/syncthingandroid/service/Constants.java +++ b/app/src/main/java/com/nutomic/syncthingandroid/service/Constants.java @@ -1,6 +1,7 @@ package com.nutomic.syncthingandroid.service; import android.content.Context; +import android.os.Build; import android.os.Environment; import java.io.File; @@ -164,4 +165,14 @@ public class Constants { static File getLogFile(Context context) { return new File(context.getExternalFilesDir(null), "syncthing.log"); } + + /** + * Decide if we should enforce HTTPS when accessing the Web UI and REST API. + * Android 4.4 and earlier don't have support for TLS 1.2 requiring us to + * fall back to an unencrypted HTTP connection to localhost. This applies + * to syncthing core v0.14.53+. + */ + public static final Boolean osSupportsTLS12() { + return Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP; + } } diff --git a/app/src/main/java/com/nutomic/syncthingandroid/util/ConfigXml.java b/app/src/main/java/com/nutomic/syncthingandroid/util/ConfigXml.java index 90086e33..12e53124 100644 --- a/app/src/main/java/com/nutomic/syncthingandroid/util/ConfigXml.java +++ b/app/src/main/java/com/nutomic/syncthingandroid/util/ConfigXml.java @@ -119,8 +119,9 @@ public class ConfigXml { } public URL getWebGuiUrl() { + String urlProtocol = Constants.osSupportsTLS12() ? "https" : "http"; try { - return new URL("https://" + getGuiElement().getElementsByTagName("address").item(0).getTextContent()); + return new URL(urlProtocol + "://" + getGuiElement().getElementsByTagName("address").item(0).getTextContent()); } catch (MalformedURLException e) { throw new RuntimeException("Failed to parse web interface URL", e); } @@ -166,9 +167,15 @@ public class ConfigXml { } /* Section - GUI */ - // Enforce TLS. Element gui = getGuiElement(); - changed = setConfigElement(gui, "tls", "true") || changed; + + // Platform-specific: Force REST API and Web UI access to use TLS 1.2 or not. + Boolean forceHttps = Constants.osSupportsTLS12(); + if (!gui.hasAttribute("tls") || + Boolean.parseBoolean(gui.getAttribute("tls")) != forceHttps) { + gui.setAttribute("tls", forceHttps ? "true" : "false"); + changed = true; + } // Set user to "syncthing" changed = setConfigElement(gui, "user", "syncthing") || changed; diff --git a/app/src/main/play/en-GB/whatsnew b/app/src/main/play/en-GB/whatsnew index dcbc29b2..6d5ae720 100644 --- a/app/src/main/play/en-GB/whatsnew +++ b/app/src/main/play/en-GB/whatsnew @@ -1,5 +1,6 @@ Maintenance * Updated syncthing core to v0.14.54 +* Fallback to http if https tls 1.2 is unavailable on Android 4.x Enhancements * Added "Recent changes" UI, click files to open [NEW] * Specify sync conditions differently for each folder, device [NEW] diff --git a/build_submodule.cmd b/build_submodule.cmd new file mode 100644 index 00000000..e4f96e1d --- /dev/null +++ b/build_submodule.cmd @@ -0,0 +1,7 @@ +@echo off +cls +cd /d "%~dps0" +REM +gradlew buildNative +REM +pause diff --git a/git_update_submodule.cmd b/git_update_submodule.cmd new file mode 100644 index 00000000..40934bbc --- /dev/null +++ b/git_update_submodule.cmd @@ -0,0 +1,12 @@ +@echo off +cls +REM +SET PATH=%PATH%;"%ProgramFiles%\Git\bin" +SET DESIRED_SUBMODULE_VERSION=v0.14.54 +REM +cd /d "%~dps0\syncthing\src\github.com\syncthing\syncthing" +REM +git fetch --all +git checkout %DESIRED_SUBMODULE_VERSION% +REM +pause diff --git a/publish-release.sh b/publish-release.sh index 820c0651..527b0ce8 100755 --- a/publish-release.sh +++ b/publish-release.sh @@ -43,4 +43,4 @@ Release published! #" #ACCESS_TOKEN="" #api_json=$(printf '{"tag_name": "v%s","target_commitish": "master","name": "v%s","body": "%s","draft": false,"prerelease": false}' $version $version $changelog) -#curl --data "$api_json" https://api.github.com/repos/syncthing/syncthing-android/releases?access_token=$ACCESS_TOKEN +#curl --data "$api_json" https://api.github.com/repos/Catfriend1/syncthing-android/releases?access_token=$ACCESS_TOKEN