1
0
mirror of https://github.com/moparisthebest/k-9 synced 2024-11-10 11:35:11 -05:00
Commit Graph

13 Commits

Author SHA1 Message Date
Joe Steele
59a61366ca Merge branch 'remove_gallery_bug_workaround'
Conflicts:
	res/values-it/strings.xml
	res/values-iw/strings.xml
	res/values-sv/strings.xml
2014-09-09 18:59:18 -04:00
cketti
5a6648ceeb Update translations from Transifex
New languages:
- Latvian
- Estonian
- Norwegian Bokmål
- Galician (Spain)
2014-09-09 00:04:10 +02:00
cketti
9e203b75cc Remove gallery bug work-around
This bug was present in the Gallery app shipped with Android 2.0.
The time has come to say good-bye. We will never forget you! But only because you're part of our Git history.
2014-09-07 23:35:18 +02:00
Joe Steele
0fba273357 Remove the obsolete "Condensed layout" preference 2014-08-19 17:17:45 -04:00
Joe Steele
8166f03e87 Remove obsolete "Show unread count" preference
Only applies to pre-Honeycomb devices
2014-08-19 17:17:42 -04:00
Joe Steele
af77bbd1bc Eliminate obsolete background data sync option
It only applied to pre-ICS devices.

ConnectivityManager.ACTION_BACKGROUND_DATA_SETTING_CHANGED is no longer
broadcast.

ConnectivityManager.getBackgroundDataSetting() always returns true.
2014-08-19 17:14:44 -04:00
cketti
d5c6d96112 Fetch translations from Transifex
Include new Basque (eu) translation
2014-04-08 17:36:20 +02:00
cketti
24cdf811e6 Prepare to integrate Transifex translations
Change the translated strings files to a format similar to what
Transifex exports. This should make it easier to see the content changes
when translations are pulled from Transifex for the first time.
2014-04-08 04:35:21 +02:00
cketti
eaa12d2bd4 Sync translations (and remove place holders) 2014-04-08 04:35:21 +02:00
Joe Steele
daea7f1ecd Eliminate the 'if available' connection security options
These options originated in the AOSP email client from which K-9 Mail was
forked.  They provide an odd combination of 2 features:

1. Don't bother to authenticate the server's certificate (applies to both
SSL/TLS and STARTTLS); i.e., blindly accept all certificates.  This is
generally a bad security policy which is susceptible to MITM attacks.

2. If STARTTLS is selected but the server doesn't claim to support
STARTTLS, then proceed without using encryption.  This, too, is a bad
security policy which is susceptible to MITM attacks.

Since the time that K-9 Mail was forked, a couple things have changed:

> K-9 Mail has implemented the ability for users to review and permanently
accept individual certificates that would otherwise fail authentication.
With this ability, there is no need for a user to subject themselves to
the ongoing risks of feature 1. above.  Hence, this commit removes feature
1.

> The AOSP email client has changed its behavior and no longer permits a
security downgrade to an unencrypted connection if the server doesn't
claim to support STARTTLS (i.e., they eliminated feature 2. above). K-9
Mail should do the same.  It's unlikely that a server is going to provide
STARTTLS on an intermittent basis, so providing a contingency for such
unusual behavior is an unnecessary risk.  Hence, this commit removes that
feature as well.

Effect on existing users:

If the old connection security setting was "SSL/TLS (if available)" (which
now gets remapped to "SSL/TLS"), and the server does not provide a
certificate that can be authenticated, then a "Certificate error for
<account name>" notification is generated telling the user to check their
server settings.  Tapping the notification takes the user to the relevant
server settings, where the user can tap "Next" to review the certificate
and choose to permanently accept it.  This process would occur during the
first syncing of folders after application upgrade or (in the case of
SMTP) during the first attempt to send a message.

If the connection security setting was "STARTTLS (if available)" (which
now gets remapped to "STARTTLS"), and the server does not provide a
certificate that can be authenticated, then the same process as above
would occur.

If the old connection security setting was "STARTTLS (if available)", and
the server doesn't claim to support STARTTLS, then the user would get a
certificate error notification which would lead them to the server's
settings.  There they would need to choose a different connection security
-- most likely "NONE".  If they didn't change anything but instead just
tapped "Next", the server settings would be checked again and a dialog
would pop up saying, "Cannot connect to server. (STARTTLS connection
security not available)". (The implementation of notifications when
STARTTLS is not available is not actually included here -- it's in the
commit that follows.)

Regarding the changes to providers.xml:  in cases where the scheme ended
with "+ssl", the schemes were simply updated by appending "+".  In cases
where the scheme ended with "+tls", a check of the server was made to
assure that STARTTLS was available before appending "+" to the scheme.
Domains paran.com and nate.com failed the check and were removed because
no current information could be found.  Domains me.com and mac.com also
failed and were updated based on http://support.apple.com/kb/ht4864.
2014-03-03 17:23:00 -05:00
cketti
1279d597ac Fix format of Lithuanian translation 2013-10-19 18:27:08 +02:00
cketti
43d1084047 Run script to sync translations 2013-10-19 18:03:50 +02:00
gymka
418a8d9f67 Add Lithuanian translation 2013-10-19 17:25:05 +02:00