From 14a0a7a2a7cda7cf385ba1f726c039c445dc9e71 Mon Sep 17 00:00:00 2001
From: Joe Steele <joe@madewell.net>
Date: Fri, 28 Feb 2014 12:47:43 -0500
Subject: [PATCH] Provide notification if STARTTLS is not available

---
 src/com/fsck/k9/mail/store/ImapStore.java         | 12 +++++++++++-
 src/com/fsck/k9/mail/store/Pop3Store.java         | 13 ++++++++++++-
 src/com/fsck/k9/mail/transport/SmtpTransport.java | 13 ++++++++++++-
 3 files changed, 35 insertions(+), 3 deletions(-)

diff --git a/src/com/fsck/k9/mail/store/ImapStore.java b/src/com/fsck/k9/mail/store/ImapStore.java
index d52add785..d52e78c71 100644
--- a/src/com/fsck/k9/mail/store/ImapStore.java
+++ b/src/com/fsck/k9/mail/store/ImapStore.java
@@ -27,6 +27,7 @@ import java.nio.charset.CodingErrorAction;
 import java.security.GeneralSecurityException;
 import java.security.SecureRandom;
 import java.security.Security;
+import java.security.cert.CertificateException;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -2497,7 +2498,16 @@ public class ImapStore extends Store {
                             throw new MessagingException("Invalid CAPABILITY response received");
                         }
                     } else {
-                        throw new MessagingException("TLS not supported but required");
+                        /*
+                         * This exception triggers a "Certificate error"
+                         * notification that takes the user to the incoming
+                         * server settings for review. This might be needed if
+                         * the account was configured with an obsolete
+                         * "STARTTLS (if available)" setting.
+                         */
+                        throw new CertificateValidationException(
+                                "STARTTLS connection security not available",
+                                new CertificateException());
                     }
                 }
 
diff --git a/src/com/fsck/k9/mail/store/Pop3Store.java b/src/com/fsck/k9/mail/store/Pop3Store.java
index e59cbb4ed..c5a23183b 100644
--- a/src/com/fsck/k9/mail/store/Pop3Store.java
+++ b/src/com/fsck/k9/mail/store/Pop3Store.java
@@ -18,12 +18,14 @@ import com.fsck.k9.net.ssl.TrustedSocketFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.TrustManager;
+
 import java.io.*;
 import java.net.*;
 import java.security.GeneralSecurityException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
+import java.security.cert.CertificateException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Date;
@@ -339,7 +341,16 @@ public class Pop3Store extends Store {
                         }
                         mCapabilities = getCapabilities();
                     } else {
-                        throw new MessagingException("TLS not supported but required");
+                        /*
+                         * This exception triggers a "Certificate error"
+                         * notification that takes the user to the incoming
+                         * server settings for review. This might be needed if
+                         * the account was configured with an obsolete
+                         * "STARTTLS (if available)" setting.
+                         */
+                        throw new CertificateValidationException(
+                                "STARTTLS connection security not available",
+                                new CertificateException());
                     }
                 }
 
diff --git a/src/com/fsck/k9/mail/transport/SmtpTransport.java b/src/com/fsck/k9/mail/transport/SmtpTransport.java
index 6f96fe430..dc8a5e8c9 100644
--- a/src/com/fsck/k9/mail/transport/SmtpTransport.java
+++ b/src/com/fsck/k9/mail/transport/SmtpTransport.java
@@ -19,6 +19,7 @@ import com.fsck.k9.net.ssl.TrustedSocketFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.TrustManager;
+
 import java.io.BufferedInputStream;
 import java.io.BufferedOutputStream;
 import java.io.IOException;
@@ -27,6 +28,7 @@ import java.io.UnsupportedEncodingException;
 import java.net.*;
 import java.security.GeneralSecurityException;
 import java.security.SecureRandom;
+import java.security.cert.CertificateException;
 
 import java.util.*;
 
@@ -276,7 +278,16 @@ public class SmtpTransport extends Transport {
                     extensions = sendHello(localHost);
                     secureConnection = true;
                 } else {
-                    throw new MessagingException("TLS not supported but required");
+                    /*
+                     * This exception triggers a "Certificate error"
+                     * notification that takes the user to the incoming
+                     * server settings for review. This might be needed if
+                     * the account was configured with an obsolete
+                     * "STARTTLS (if available)" setting.
+                     */
+                    throw new CertificateValidationException(
+                            "STARTTLS connection security not available",
+                            new CertificateException());
                 }
             }