Created
May 1, 2017 09:01
-
-
Save tateisu/6e4e327d60ee87fbe45692a02b3ab64d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
okhttp3のソースから抜粋 | |
public OkHttpClient() { | |
this(new Builder()); | |
} | |
public Builder() { | |
dispatcher = new Dispatcher(); | |
protocols = DEFAULT_PROTOCOLS; | |
connectionSpecs = DEFAULT_CONNECTION_SPECS; | |
eventListenerFactory = EventListener.factory(EventListener.NONE); | |
proxySelector = ProxySelector.getDefault(); | |
cookieJar = CookieJar.NO_COOKIES; | |
socketFactory = SocketFactory.getDefault(); | |
hostnameVerifier = OkHostnameVerifier.INSTANCE; | |
certificatePinner = CertificatePinner.DEFAULT; | |
proxyAuthenticator = Authenticator.NONE; | |
authenticator = Authenticator.NONE; | |
connectionPool = new ConnectionPool(); | |
dns = Dns.SYSTEM; | |
followSslRedirects = true; | |
followRedirects = true; | |
retryOnConnectionFailure = true; | |
connectTimeout = 10_000; | |
readTimeout = 10_000; | |
writeTimeout = 10_000; | |
pingInterval = 0; | |
} | |
static final List<ConnectionSpec> DEFAULT_CONNECTION_SPECS = Util.immutableList( | |
ConnectionSpec.MODERN_TLS, ConnectionSpec.CLEARTEXT); | |
/** A modern TLS connection with extensions like SNI and ALPN available. */ | |
public static final ConnectionSpec MODERN_TLS = new Builder(true) | |
.cipherSuites(APPROVED_CIPHER_SUITES) | |
.tlsVersions(TlsVersion.TLS_1_3, TlsVersion.TLS_1_2, TlsVersion.TLS_1_1, TlsVersion.TLS_1_0) | |
.supportsTlsExtensions(true) | |
.build(); | |
// This is nearly equal to the cipher suites supported in Chrome 51, current as of 2016-05-25. | |
// All of these suites are available on Android 7.0; earlier releases support a subset of these | |
// suites. https://github.com/square/okhttp/issues/1972 | |
private static final CipherSuite[] APPROVED_CIPHER_SUITES = new CipherSuite[] { | |
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, | |
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, | |
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, | |
CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, | |
CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, | |
CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, | |
// Note that the following cipher suites are all on HTTP/2's bad cipher suites list. We'll | |
// continue to include them until better suites are commonly available. For example, none | |
// of the better cipher suites listed above shipped with Android 4.4 or Java 7. | |
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, | |
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, | |
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, | |
CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, | |
CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, | |
CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384, | |
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, | |
CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, | |
CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA, | |
}; | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment