From 93a9662d8db14e492da0cf4866265a0ddebda190 Mon Sep 17 00:00:00 2001
From: Martin Hibdon <mhibdon@google.com>
Date: Wed, 22 Oct 2014 14:47:51 -0700
Subject: [PATCH] Add analytics to track of what cipher suites are being used

b/18001842
I do this in MailTransport, which is only used by POP and IMAP.
I can't log Analytics in SSLSocketFactoryWrapper, because that
is in emailcommon and would cause a circular dependancy between
emailcomman and UnifiedEmail.
This will not yet work for Exchange, because it gets its socket
indirectly through EmailClientConnectionManager, using a
SchemeRegistry. Still, it will be helpful to get this info for POP
and IMAP.

Change-Id: Ibb9d22c83c49d0ba5090295b5321ca6afb09e65b
---
 .../utility/SSLSocketFactoryWrapper.java            |  2 +-
 .../android/email/mail/transport/MailTransport.java | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/emailcommon/src/com/android/emailcommon/utility/SSLSocketFactoryWrapper.java b/emailcommon/src/com/android/emailcommon/utility/SSLSocketFactoryWrapper.java
index 516084fe4..66b596bff 100644
--- a/emailcommon/src/com/android/emailcommon/utility/SSLSocketFactoryWrapper.java
+++ b/emailcommon/src/com/android/emailcommon/utility/SSLSocketFactoryWrapper.java
@@ -234,10 +234,10 @@ public class SSLSocketFactoryWrapper extends javax.net.ssl.SSLSocketFactory {
         ssl.startHandshake();
 
         SSLSession session = ssl.getSession();
-        LogUtils.d(LogUtils.TAG, "using cipherSuite %s", session.getCipherSuite());
         if (session == null) {
             throw new SSLException("Cannot verify SSL socket without session");
         }
+        LogUtils.d(LogUtils.TAG, "using cipherSuite %s", session.getCipherSuite());
         if (!HttpsURLConnection.getDefaultHostnameVerifier().verify(hostname, session)) {
             throw new SSLPeerUnverifiedException("Cannot verify hostname: " + hostname);
         }
diff --git a/provider_src/com/android/email/mail/transport/MailTransport.java b/provider_src/com/android/email/mail/transport/MailTransport.java
index 74d0ab59e..657c10072 100644
--- a/provider_src/com/android/email/mail/transport/MailTransport.java
+++ b/provider_src/com/android/email/mail/transport/MailTransport.java
@@ -24,6 +24,7 @@ import com.android.emailcommon.mail.CertificateValidationException;
 import com.android.emailcommon.mail.MessagingException;
 import com.android.emailcommon.provider.HostAuth;
 import com.android.emailcommon.utility.SSLUtils;
+import com.android.mail.analytics.Analytics;
 import com.android.mail.utils.LogUtils;
 
 import java.io.BufferedInputStream;
@@ -121,6 +122,13 @@ public class MailTransport {
             if (canTrySslSecurity() && !canTrustAllCertificates()) {
                 verifyHostname(mSocket, getHost());
             }
+            if (mSocket instanceof SSLSocket) {
+                final SSLSocket sslSocket = (SSLSocket) mSocket;
+                if (sslSocket.getSession() != null) {
+                    Analytics.getInstance().sendEvent("cipher_suite", "open",
+                            sslSocket.getSession().getCipherSuite(), 0);
+                }
+            }
             mIn = new BufferedInputStream(mSocket.getInputStream(), 1024);
             mOut = new BufferedOutputStream(mSocket.getOutputStream(), 512);
             mSocket.setSoTimeout(SOCKET_READ_TIMEOUT);
@@ -159,6 +167,11 @@ public class MailTransport {
             mIn = new BufferedInputStream(mSocket.getInputStream(), 1024);
             mOut = new BufferedOutputStream(mSocket.getOutputStream(), 512);
 
+            final SSLSocket sslSocket = (SSLSocket) mSocket;
+            if (sslSocket.getSession() != null) {
+                Analytics.getInstance().sendEvent("cipher_suite", "reopenTls",
+                        sslSocket.getSession().getCipherSuite(), 0);
+            }
         } catch (SSLException e) {
             if (DebugUtils.DEBUG) {
                 LogUtils.d(Logging.LOG_TAG, e.toString());