1
0
mirror of https://github.com/moparisthebest/k-9 synced 2024-12-18 05:42:15 -05:00
Commit Graph

5189 Commits

Author SHA1 Message Date
Joe Steele
64fd04ece2 POP3 authentication improvements
Changes:

Extract code and create login() and authCramMD5() methods.

Implement the SASL PLAIN authentication mechanism.  Its primary benefit is
the explicit support for UTF-8.  If the user has configured "PLAIN"
authentication, then SASL PLAIN will be used, if available, otherwise
login() will be used.

Implement POP3 APOP authentication (issue 3218).  If the user has
configured "CRAM_MD5" authentication (a future commit will change this
user option to a localized string "Encrypted password"), then SASL
CRAM-MD5 will be used, if available, otherwise the availability of POP3
APOP will be checked and used (per RFC 2449, there is no APOP
"capability").

Extend getCapabilities() to check for available authentication methods by
sending the "AUTH" command with no arguments
(http://tools.ietf.org/html/draft-myers-sasl-pop3-05).  This never became
a standard, but there are servers that support it, and Thunderbird
includes this check.

The SASL PLAIN and CRAM-MD5 authentication methods are not attempted
unless the server professes to have the appropriate capability.
(Previously, CRAM-MD5 was tried regardless of capability.)  No check is
made for the USER capability prior to use of that method.  All this is the
same behavior as in Thunderbird.

Eliminate the testing for capabilities in cases where the test results are
never used (PIPELINING, USER).

Change when getCapabilities() is called.  It is called once upon
connection.  If STARTTLS is negotiated (POP3 STLS), then
getCapabilities() is called again after the connection is encrypted (and
the server is authenticated), but before user authentication is attempted.
2014-02-25 15:22:32 -05:00
Joe Steele
26491676fa Retrict use of AuthenticationFailedException
In AccountSetupCheckSettings.onCreate(Bundle), the account settings are
checked.

If an AuthenticationFailedException occurs, A dialog saying "Username or
password incorrect." pops up.  We don't want to say this if the cause is
not related to an incorrect user name or password.  Instead we want to say
the more generic "Cannot connect to server" which pops up for other
exception types.

This commit attempts to eliminate the use of AuthenticationFailedException
in instances where it could not be due to "Username or password
incorrect."
2014-02-25 15:22:30 -05:00
Joe Steele
3877f58515 (partially) Fix IMAP LOGIN
Previously, the user name and password were being transmitted as IMAP (RFC
3501) quoted strings.

The problem is that quoted strings are only permitted to carry 7-bit
(ASCII) data, whereas user names and passwords entered in K-9 Mail may not
be ASCII, so K-9 was violating the RFC by sending them as quoted strings.

The solution is to transmit the credentials as IMAP literal strings, which
are permitted for user names and passwords, and which permit the
transmission of 8-bit data.

This is only a partial attempt for fixing the LOGIN command for users with
non-ASCII credentials.  The problem is that IMAP permits 8-bit data for
user names and passwords (if transmitted as literals), but the RFC says
nothing about the character encoding for 8-bit data.  This commit encodes
them as UTF-8.

The RFC author's comments on the subject:
http://mailman2.u.washington.edu/pipermail/imap-protocol/2008-February/000822.html

Ideally, users should avoid the LOGIN command and use the SASL PLAIN
mechanism (within TLS) which explicitly permits UTF-8. (K-9 Mail always
chooses PLAIN over LOGIN, when PLAIN is available.)
2014-02-25 15:22:28 -05:00
Joe Steele
6f49ebd975 Permit UTF-8 names & passwords with CRAM-MD5 authentication
CRAM-MD5 (RFC 2195) permits 8-bit data but does not identify its encoding.
Since ASCII does not permit 8-bit data, this commit changes the encoding
to UTF-8.

There is an expired Internet-Draft that proposed that the RFC be changed
to explicitly require UTF-8 encoding of user names and shared secrets.
(But then there's also an expired draft proposing that CRAM-MD5 be retired
to historic status.)

Instead of CRAM-MD5, a better option for users is the SASL PLAIN mechanism
(within TLS) which explicitly permits UTF-8.
2014-02-25 15:22:26 -05:00
Joe Steele
1d1b14da21 Fix ImapStore$ImapConnection.authCramMD5()
See Issue 4492

This method made way too many assumptions about server responses and
should not have been attempting to read and parse them.  That should be
left to ImapResponseParser.
2014-02-25 15:22:24 -05:00
Joe Steele
871ee1cc6c IMAP authentication improvements
Changes:

Implement the PLAIN SASL mechanism.  IMAPv4rev1 assures its availability
so long as the connection is encrypted.  The big advantage of PLAIN over
IMAP "LOGIN" is that PLAIN uses UTF-8 encoding for the user name and
password, whereas "LOGIN" is only safe for 7-bit US-ASCII -- the encoding
of 8-bit data is undefined.

(Note that RFC 6855 says that IMAP "LOGIN" does not support UTF-8, and
clients must use IMAP "AUTHENTICATE" to pass UTF-8 user names and
passwords.)

Honor the "LOGINDISABLED" CAPABILITY (RFC 2595) when the server declares
it.  There's no sense transmitting a password in the clear when it is
known that it will be rejected.

No attempt is made to try CRAM-MD5 if the server doesn't profess to
support it in its CAPABILITY response. (This is the same behavior as
Thunderbird.)

Extract code from ImapConnection.open into new method
ImapConnection.login.

Extract code from ImapConnection.executeSimpleCommand into new method
ImapConnection.readStatusResponse.

Related issues:  6015, 6016
2014-02-25 15:22:22 -05:00
Joe Steele
1091e7af99 Eliminate non-working text replacements
All \r and \n codes have been replaced with <br />, so the patterns in
these replacements don't match anything.

This problem has existed for some time -- since commits 1ea27d7 and
e12dd32.

No attempt is made here to reimplement the replacements because users are
now used to the current behavior without much apparent complaint, and such
replacements are never perfect and can occasionally fail to work as
desired without additional tweaking for special cases.
2014-02-25 12:58:56 -05:00
Joe Steele
1f5e1660a8 build.xml improvements
Modify -pre-bump-check so that it verifies that there is no
existing git tag for the new version.
2014-02-24 17:04:29 -05:00
cketti
fec864a426 Bumped manifest to 4.902 2014-02-23 01:36:17 +01:00
cketti
dd4cbb7d3c Update changelog for 4.902 2014-02-23 01:04:01 +01:00
cketti
8eb68c416a Avoid adding the same recipient twice when using "reply to all"
Fixes issue 6056
2014-02-23 00:30:53 +01:00
cketti
dd5ac0f1c4 Add mailbox.org to list of providers 2014-02-20 22:14:40 +01:00
cketti
1be9272b9b Merge pull request #449 from dnet/cleanup20140215 2014-02-17 20:03:30 +01:00
cketti
70399829c2 Fix indentation and code style 2014-02-17 19:58:22 +01:00
cketti
fab31983ab Fix linkifyText() in the presence of bitcoin URIs 2014-02-17 18:35:40 +01:00
cketti
f89544ea8b Add failing test for HtmlConverter.linkifyText()
There's currently a bug in linkifyText() that can lead to a
StringIndexOutOfBoundsException when the text contains a
bitcoin URI and a "web" URI near the end of the text.
2014-02-17 18:33:33 +01:00
András Veres-Szentkirályi
ab3044c9fa use Set instead of implementation type 2014-02-15 23:59:24 +01:00
András Veres-Szentkirályi
cbbd0bc405 use more idiomatic String.isEmpty() instead of comparing length to 0 2014-02-15 23:59:24 +01:00
András Veres-Szentkirályi
df75853c64 replaced entrySet + getKey with keySet 2014-02-15 23:59:23 +01:00
András Veres-Szentkirályi
3d327763b5 replaced for with for-each loop 2014-02-15 23:59:23 +01:00
András Veres-Szentkirályi
e75dd7df39 replaced for with for-each loop 2014-02-15 23:59:23 +01:00
András Veres-Szentkirályi
8627a3e702 replaced for with for-each loop 2014-02-15 23:59:23 +01:00
András Veres-Szentkirályi
ac1e68af78 use built-in TextUtils.join instead of StringBuilder 2014-02-15 23:59:23 +01:00
András Veres-Szentkirályi
572427cb57 use built-in TextUtils.join instead of StringBuilder 2014-02-15 23:59:23 +01:00
András Veres-Szentkirályi
7ae3a15d7c converted for to for-each loop with short circuit evaluation 2014-02-15 23:59:23 +01:00
András Veres-Szentkirályi
21fe3f6cd2 use built-in TextUtils.join instead of StringBuilder 2014-02-15 23:59:23 +01:00
András Veres-Szentkirályi
1bc3271de3 replaced for with for-each loop and optimized List implementation 2014-02-15 23:59:23 +01:00
András Veres-Szentkirályi
1202f5109a removed unnecessary explicit cast 2014-02-15 23:59:22 +01:00
András Veres-Szentkirályi
e8d3553b2c replaced unnecessary explicit iterator use with for-each loop 2014-02-15 23:59:22 +01:00
András Veres-Szentkirályi
8ac942d828 replaced unnecessary explicit iterator use with for-each loop 2014-02-15 23:59:19 +01:00
András Veres-Szentkirályi
b942bf2889 typofix in comment (desti{o,}nation) 2014-02-15 23:58:31 +01:00
András Veres-Szentkirályi
309a4d6107 Use more efficient entrySet iterator instead of keySet + get()
The loop extracted keys from `folderMap` and then called
`folderMap.get(...)` for every key. If both the key and the value needs
to be iterated on, `Map.entrySet()` is a more efficient solution as it
doesn't require O(n) Map lookups.
2014-02-15 23:58:26 +01:00
András Veres-Szentkirályi
28398dbdad removed unnecessary unboxing followed by reboxing
Since id is a Long, Long.valueOf(long) unboxed the Long to a primitive
long, then reboxed it into a Long instance, which was again unboxed to
allow it to be set as an element of the array of longs. This commit
reduces the number of boxings from 3 to 1.
2014-02-15 21:33:08 +01:00
András Veres-Szentkirályi
0c7740ce86 removed unread field mAccount 2014-02-15 21:30:44 +01:00
cketti
92e9e6d140 Fix version codes in changelog 2014-02-14 01:25:54 +01:00
Jesse Vincent
7701d4ddb2 Bumped manifest to 4.901 2014-02-13 16:34:20 -02:00
cketti
53eac39a90 Extract code to scale the slider value for the message content font setting 2014-02-13 06:04:19 +01:00
cketti
f1682fe517 Update changelog for 4.901 2014-02-13 04:23:25 +01:00
cketti
90f63ba057 Remove old setting for message content font size
- export new setting
- add upgrade code to convert old setting to new format
2014-02-13 04:22:45 +01:00
cketti
3527930f89 Fix 'endless' loop in ImapFolderPusher
Under certain circumstances it's possible that the 'push state' isn't
updated to contain the most recent 'UIDNEXT' value. In that case
ImapFolderPusher.start() would execute the same code path through its
main loop over and over again, preventing the device from going to
sleep.
Rather than changing the code to update the 'push state' in the corner
case that triggers the behavior described above, this commit introduces
another mechanism to track the 'UIDNEXT' value. This should also catch
as of yet unknown cases where the 'push state' isn't properly updated.

At some point in the future I hope we get to a point where we only
persist the 'push state' when we manually stop/restart the service.
During normal operation there's no need to read from/write to storage
all the time.

Fixes issue 4907
2014-02-11 20:17:47 +01:00
cketti
d419fab789 Add support for KitKat's Storage Access Framework
This allows users on KitKat to add multiple attachments at once.
2014-02-10 20:58:50 +01:00
cketti
aec1a38578 Build with SDK 19 2014-02-10 20:43:16 +01:00
Rene Treffer
32e1689255 Enable AOSP builds 2014-02-10 20:00:16 +01:00
Koji Arai
cbddf960b1 Should disable COMPOSE menu item
When message viewing and tap the next icon, menu icons (previous, next, delete and replys) disappears for an instant.
But a compose icon remains, then tap it accidentally.
2014-02-10 19:59:26 +01:00
Koji Arai
94301e7e3b Updated Japanese translation of the changelog. 2014-02-08 09:41:24 +09:00
Koji Arai
0664029a0f Updated Japanese translation. catch up with 4955e34. 2014-02-08 00:52:12 +09:00
cketti
cf228583bc Merge pull request #448
Change message body font size with slider
2014-02-01 00:52:32 +01:00
cketti
6e7fa0df03 Save/restore slider state 2014-02-01 00:49:39 +01:00
cketti
f224483df4 Fix display error in account settings
* correctly initialize summary of 'Server search limit'.
* don't persist value in shared preferences
2014-01-31 22:10:28 +01:00
Sergii Pylypenko
67abde055a Change message body font size with slider, using new setTextZoom() WebView API, from 40% to 250% 2014-01-31 23:09:25 +02:00