Fix: Pass the right arguments in the trust manager created for addInsecureHost(). Initialization order of companion objects. Had a crash IllegalArgumentException: Not a Conscrypt trust manager because we depended on Fix: Don’t crash inspecting whether the host platform is JVM or Android.Implementation ( ":okio:2.7.0" )įix: Avoid log messages like “Didn’t find class ” whenĭetecting the TLS capabilities of the host platform.įix: Don’t crash in HttpUrl.topPrivateDomain() when the hostname is malformed.įix: Don’t attempt Brotli decompression if the response body is empty. With this change each connection is locked independently. Previously OkHttp used its connection pool as a lock when making changes to connections andĬalls. New: Reduce contention for applications that make a very high number of concurrent requests. We think BouncyĬastle is great! But it’s a large dependency (6.5 MiB) and its security provider feature Of our effort to remove the okhttp-tls module’s dependency on Bouncy Castle. New: Change HeldCertificate.Builder to use its own ASN.1 certificate encoder. We were using a feature of SimpleDateFormat that wasn’t Fix: Don’t crash in HeldCertificate.Builder when creating certificates on older versions ofĪndroid, including Android 6.Interfaces for Authenticator, Interceptor, and others. Implementation "org.bouncycastle:bcprov-jdk15on:1.65" If you still need it, you can do it yourself: With this release, okhttp-tls no longer depends on Bouncy Castle and doesn’t install theīouncy Castle security provider. This would have appeared in crash logs as Fix: Work around a crash in Android 10 and 11 that may be triggered when two threadsĬoncurrently close an SSL socket.Manual calls to HostnameVerifier could be defeated if the hostnames they pass in are not Fix: Strictly verify hostnames used with OkHttp’s HostnameVerifier.Fix: Don’t crash with an InaccessibleObjectException when running on JDK17+ with strong.This applies to Authorization, Cookie, Proxy-Authorization, and Set-Cookie headers. Fix: Don’t include potentially-sensitive header values in Headers.toString() or exceptions.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |