Add analytics to track of what cipher suites are being used

b/18001842
I do this in MailTransport, which is only used by POP and IMAP.
I can't log Analytics in SSLSocketFactoryWrapper, because that
is in emailcommon and would cause a circular dependancy between
emailcomman and UnifiedEmail.
This will not yet work for Exchange, because it gets its socket
indirectly through EmailClientConnectionManager, using a
SchemeRegistry. Still, it will be helpful to get this info for POP
and IMAP.

Change-Id: Ibb9d22c83c49d0ba5090295b5321ca6afb09e65b
This commit is contained in:
Martin Hibdon 2014-10-22 14:47:51 -07:00
parent a908d45ae3
commit 93a9662d8d
2 changed files with 14 additions and 1 deletions

View File

@ -234,10 +234,10 @@ public class SSLSocketFactoryWrapper extends javax.net.ssl.SSLSocketFactory {
ssl.startHandshake();
SSLSession session = ssl.getSession();
LogUtils.d(LogUtils.TAG, "using cipherSuite %s", session.getCipherSuite());
if (session == null) {
throw new SSLException("Cannot verify SSL socket without session");
}
LogUtils.d(LogUtils.TAG, "using cipherSuite %s", session.getCipherSuite());
if (!HttpsURLConnection.getDefaultHostnameVerifier().verify(hostname, session)) {
throw new SSLPeerUnverifiedException("Cannot verify hostname: " + hostname);
}

View File

@ -24,6 +24,7 @@ import com.android.emailcommon.mail.CertificateValidationException;
import com.android.emailcommon.mail.MessagingException;
import com.android.emailcommon.provider.HostAuth;
import com.android.emailcommon.utility.SSLUtils;
import com.android.mail.analytics.Analytics;
import com.android.mail.utils.LogUtils;
import java.io.BufferedInputStream;
@ -121,6 +122,13 @@ public class MailTransport {
if (canTrySslSecurity() && !canTrustAllCertificates()) {
verifyHostname(mSocket, getHost());
}
if (mSocket instanceof SSLSocket) {
final SSLSocket sslSocket = (SSLSocket) mSocket;
if (sslSocket.getSession() != null) {
Analytics.getInstance().sendEvent("cipher_suite", "open",
sslSocket.getSession().getCipherSuite(), 0);
}
}
mIn = new BufferedInputStream(mSocket.getInputStream(), 1024);
mOut = new BufferedOutputStream(mSocket.getOutputStream(), 512);
mSocket.setSoTimeout(SOCKET_READ_TIMEOUT);
@ -159,6 +167,11 @@ public class MailTransport {
mIn = new BufferedInputStream(mSocket.getInputStream(), 1024);
mOut = new BufferedOutputStream(mSocket.getOutputStream(), 512);
final SSLSocket sslSocket = (SSLSocket) mSocket;
if (sslSocket.getSession() != null) {
Analytics.getInstance().sendEvent("cipher_suite", "reopenTls",
sslSocket.getSession().getCipherSuite(), 0);
}
} catch (SSLException e) {
if (DebugUtils.DEBUG) {
LogUtils.d(Logging.LOG_TAG, e.toString());