Merge pull request #493 from hjubb/pin_seed_certs

Introduce service node seed certificates

libsession/src/main/java/org/session/libsession/snode/SnodeAPI.kt

@@ -2,21 +2,19 @@
 
 package org.session.libsession.snode
 
+import android.os.Build
 import nl.komponents.kovenant.*
 import nl.komponents.kovenant.functional.bind
 import nl.komponents.kovenant.functional.map
-
 import org.session.libsession.snode.utilities.getRandomElement
-
-import org.session.libsignal.utilities.logging.Log
-import org.session.libsignal.service.loki.api.utilities.HTTP
 import org.session.libsignal.service.loki.api.Snode
+import org.session.libsignal.service.loki.api.utilities.HTTP
 import org.session.libsignal.service.loki.database.LokiAPIDatabaseProtocol
 import org.session.libsignal.service.loki.utilities.Broadcaster
 import org.session.libsignal.service.loki.utilities.prettifiedDescription
 import org.session.libsignal.service.loki.utilities.retryIfNeeded
 import org.session.libsignal.utilities.*
-
+import org.session.libsignal.utilities.logging.Log
 import java.security.SecureRandom
 
 object SnodeAPI {
@@ -36,7 +34,14 @@ object SnodeAPI {
     private val maxRetryCount = 6
     private val minimumSnodePoolCount = 64
     private val minimumSwarmSnodeCount = 2
-    private val seedNodePool: Set<String> = setOf( "https://storage.seed1.loki.network", "https://storage.seed3.loki.network", "https://public.loki.foundation" )
+
+    // use port 4433 if API level can handle network security config and enforce pinned certificates
+    private val seedPort = if (Build.VERSION.SDK_INT < Build.VERSION_CODES.N) 443 else 4433
+    private val seedNodePool: Set<String> = setOf(
+            "https://storage.seed1.loki.network:$seedPort",
+            "https://storage.seed3.loki.network:$seedPort",
+            "https://public.loki.foundation:$seedPort"
+    )
     internal val snodeFailureThreshold = 4
     private val targetSwarmSnodeCount = 2