From 6bfd89d27724f2aac602fa2acbf4753950f4152e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lukas=20Mu=CC=88ller?= <Lukas.Mueller@de.kaercher.com>
Date: Thu, 7 Jan 2021 20:28:00 -0800
Subject: [PATCH] Update OkHttp to 3.14.9 to improve security (#30609)

Summary:
Okhttp 3.12.X allows Connections using TLS 1.0 and TLS1.1.
TLS 1.0 and TLS 1.1 are no longer secure.
Google, Mozilla, Microsoft, and Apple announced that their browsers will require TLSv1.2 or better starting in early 2020.

https://square.github.io/okhttp/changelog_3x/#version-310
https://github.com/facebook/react-native/wiki/Changelog

Starting from 3.13.0 TLSv1 and TLSv1.1 are no longer enabled by default.
3.13.0 requires JAVA 8 and Android SDK 21 (which was blocking the Upgrade in the Past).

## Changelog

[Android] [Changed] - Update Okhttp to version 3.14.19

Pull Request resolved: https://github.com/facebook/react-native/pull/30609

Test Plan:
Current tests should pass.
Connections using TLS 1.0 and TLS 1.1 should not be possible.

Reviewed By: mdvacca

Differential Revision: D25843511

Pulled By: fkgozali

fbshipit-source-id: f0b648c8037f945130c6f9983404ee7f75b178cb
---
 ReactAndroid/gradle.properties                     | 2 +-
 ReactAndroid/src/main/third-party/java/okhttp/BUCK | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/ReactAndroid/gradle.properties b/ReactAndroid/gradle.properties
index 2287cd057099fc..6e87e5187d3d33 100644
--- a/ReactAndroid/gradle.properties
+++ b/ReactAndroid/gradle.properties
@@ -12,7 +12,7 @@ JUNIT_VERSION=4.12
 
 ANDROIDX_TEST_VERSION=1.1.0
 FRESCO_VERSION=2.0.0
-OKHTTP_VERSION=3.12.12
+OKHTTP_VERSION=3.14.9
 SO_LOADER_VERSION=0.9.0
 
 BOOST_VERSION=1_63_0
diff --git a/ReactAndroid/src/main/third-party/java/okhttp/BUCK b/ReactAndroid/src/main/third-party/java/okhttp/BUCK
index a19336522a9b90..90b3f3f9f84c07 100644
--- a/ReactAndroid/src/main/third-party/java/okhttp/BUCK
+++ b/ReactAndroid/src/main/third-party/java/okhttp/BUCK
@@ -9,8 +9,8 @@ rn_prebuilt_jar(
 
 fb_native.remote_file(
     name = "okhttp3-binary.jar",
-    sha1 = "d3e1ce1d2b3119adf270b2d00d947beb03fe3321",
-    url = "mvn:com.squareup.okhttp3:okhttp:jar:3.12.12",
+    sha1 = "3e6d101343c7ea687cd593e4990f73b25c878383",
+    url = "mvn:com.squareup.okhttp3:okhttp:jar:3.14.9",
 )
 
 rn_prebuilt_jar(
@@ -21,6 +21,6 @@ rn_prebuilt_jar(
 
 fb_native.remote_file(
     name = "okhttp3-urlconnection-binary.jar",
-    sha1 = "3cfbe11fb8c48d30600a70f90b3283fc858aea72",
-    url = "mvn:com.squareup.okhttp3:okhttp-urlconnection:jar:3.12.12",
+    sha1 = "c9a3b45b815cf2982415ec8145339f5af58989c3",
+    url = "mvn:com.squareup.okhttp3:okhttp-urlconnection:jar:3.14.9",
 )