From 5a4c356c97c1baf4e8f30f7a1ccb3c33831f6884 Mon Sep 17 00:00:00 2001
From: Andrew Goodale <andrewgoodale@upserve.com>
Date: Wed, 20 Dec 2017 16:03:14 -0500
Subject: [PATCH] Do not enable TLSv1 if it is not a supported protocol

---
 .../react/modules/network/TLSSocketFactory.java        | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/ReactAndroid/src/main/java/com/facebook/react/modules/network/TLSSocketFactory.java b/ReactAndroid/src/main/java/com/facebook/react/modules/network/TLSSocketFactory.java
index 0fd2a2d86768..8f0ac71ece37 100644
--- a/ReactAndroid/src/main/java/com/facebook/react/modules/network/TLSSocketFactory.java
+++ b/ReactAndroid/src/main/java/com/facebook/react/modules/network/TLSSocketFactory.java
@@ -14,6 +14,7 @@
 import java.net.UnknownHostException;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
 
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocket;
@@ -71,7 +72,14 @@ public Socket createSocket(InetAddress address, int port, InetAddress localAddre
 
     private Socket enableTLSOnSocket(Socket socket) {
         if(socket != null && (socket instanceof SSLSocket)) {
-            ((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1", "TLSv1.1", "TLSv1.2"});
+            SSLSocket sslSocket = ((SSLSocket)socket);
+            String[] supportedProtocols = sslSocket.getSupportedProtocols();
+
+            if (Arrays.asList(supportedProtocols).contains("TLSv1")) {
+              sslSocket.setEnabledProtocols(new String[] {"TLSv1", "TLSv1.1", "TLSv1.2"});
+            } else {
+              sslSocket.setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"});
+            }
         }
         return socket;
     }