1
0
mirror of https://github.com/moparisthebest/k-9 synced 2024-12-18 13:52:18 -05:00
Commit Graph

2966 Commits

Author SHA1 Message Date
Joe Steele
cf3561da5c Trigger certificate chooser when check box checked
For convenience.  Implemented in onCheckChanged().

As a consequence, onCheckChanged() must not be triggered when the instance
state is restored (would occur if the check box state was checked when
saved), otherwise the certificate chooser would pop up once the state was
restored.  Therefore, all listeners have been moved into
initializeViewListeners() which is invoked after the state has been
restored.

Because onCheckChanged() is no longer triggered in
onRestoreInstanceState(), updateViewVisibility() was implemented to
restore the view visibility.
2014-08-11 11:07:56 -04:00
Joe Steele
301ac48a38 Throw CertificateValidationException if EXTERNAL authentication fails
This is done when the SASL EXTERNAL mechanism isn't advertised (indicating
the possibility that the server did not accept the client certificate) or
when the command for authenticating with SASL EXTERNAL fails.

The CertificateValidationException will trigger a notification to the user
that there's an authentication problem that needs addressing.

Also, there were instances where CertificateValidationException was being
thrown with a new CertificateException as the cause for the purpose of
notifying the user when STARTTLS is not available.  This has been slightly
simplified by eliminating the need to include a new CertificateException
as a cause.
2014-08-11 11:07:54 -04:00
Joe Steele
b557ba008c Implement SMTP AUTH EXTERNAL
Also, simplify by using Utility.base64Encode(String) in lieu of
new String(Base64.encodeBase64(String.getBytes())
2014-08-11 11:07:53 -04:00
Joe Steele
c0be0eea12 Use the correct POP3 AUTH command 2014-08-11 11:07:51 -04:00
Joe Steele
fe033e014f Avoid setting conflict warning when SMTP login not required 2014-08-11 11:07:49 -04:00
Joe Steele
65144e3759 Handle client certificate errors
If the alias is empty or null, don't bother using KeyChainKeyManager.

If the alias is not empty, confirm that it is associated with a
certificate, otherwise throw a CertificateValidationException
which will notify the user of the problem and ask the user to
check the server settings.

Likewise, the user is notified if the client certificate was
not accepted by the server.
2014-08-11 11:07:48 -04:00
Joe Steele
231f3645f9 Trigger certificate chooser on authentication change
If the user chooses client certificate authentication,
immediately pop up the certificate chooser.

If the user chooses password authentication, move the focus to the
password View.
2014-08-11 11:07:46 -04:00
Joe Steele
21cc3d9176 Remove ClientCertificateRequiredException
With this commit, KeyChainKeyManager no longer throws the exception and
AccountSetupCheckSettings no longer catches it.

It was being thrown when the server requested a client certificate but no
client certificate alias had been configured for the server.

The code was making the incorrect assumption that the server would only
request a client certificate when such a certificate was *required*.
However, servers can be configured to accept multiple forms of
authentication, including both password authentication and client
certificate authentication.  So a server may request a certificate without
requiring it.  If a user has not configured a client certificate, then
that should not be treated as an error because the configuration may be
valid and the server may accept it.

The only indication that a certificate is *required* is when a
SSLProtocolException is thrown, caused by a SSLHandshakeException
resulting from a fatal handshake alert message received from the server.
Unfortunately, such a message is fairly generic and only "indicates that
the sender was unable to negotiate an acceptable set of security
parameters given the options available."  So there is no definitive way to
know that a client certificate is required.

Also, KeyChainKeyManager.getCertificateChain() and getPrivateKey() no
longer throw IllegalStateException().  These methods are permitted to
return null, and such a response is appropriate if the user has deleted
client certificates from the device.  Again, this may or may not cause the
server to abort the connection, depending on whether the server *requires*
a client certificate.
2014-08-11 11:07:44 -04:00
Joe Steele
fa853f7e1d Remove SslHelper.isClientCertificateSupportAvailable()
The app's minSdkVersion = 15 (Android 4.0.3, Ice Cream Sandwich MR1),
so there's no need to test the API level.

This also removes '@SuppressLint("TrulyRandom")'.  I find no
documentation for it, nor do I find any additional lint errors
with its removal.
2014-08-11 11:07:42 -04:00
Joe Steele
b10b13b865 Force manual setup if using client certificates
Presently, auto-setup doesn't support certificates,
resulting in "Cannot connect to server. (Error
while decoding store URI)".
2014-08-11 11:07:41 -04:00
Joe Steele
88016ae52e Revert unused code changes 2014-08-11 11:07:37 -04:00
Joe Steele
38e9af5320 Don't clear widgets when removing
The user may toggle the checkbox, and then decide to toggle it again.

This also fixes a problem when restoring the activity state.  When the
checkbox was restored as checked, the listener was firing and wiping the
the restored alias.
2014-08-11 11:07:35 -04:00
Joe Steele
acab554ee5 Save/Restore activity state
This assures that changes made to the port setting and to the chosen
client certificate are saved and restored.
2014-08-11 11:07:34 -04:00
Joe Steele
2e981e0c7d Don't trigger validateFields() except on user input
Previously, with settings of Security=SSL and authentication=certificate,
attempting to change Security=None would (of course) be blocked.  So
Security would remain SSL.  But the authentication options would then
include "Password, transmitted insecurely", whereas the option should
have remained as "Normal password" (because the security remained SSL).

The problem could have been fixed with a simple shuffling in
updatePortFromSecurityType() so that updateAuthPlainTextFromSecurityType()
was invoked before mPortView.setText(), but the logic for requiring that
ordering was not plain to see.  (Although no longer necessary, the
shuffling was done as well.)
2014-08-11 11:06:50 -04:00
Joe Steele
c861b27df8 Fix outgoing server settings display
Add test for username == "".

Without it, the mRequireLoginView remains checked, and the empty username
and password boxes are not hidden.

The problem occurs if importing an SMTP server that has an
authenticationType, but no username or password (i.e., no authentication
required).

That's the way settings were exported in 4.904 and before.
2014-08-11 11:06:48 -04:00
Joe Steele
373c7569ed Fix password prompts on account import
Don't prompt if server's AuthType == EXTERNAL

Don't prompt for SMTP servers that don't require authentication
(no user name).
2014-08-11 11:06:46 -04:00
Joe Steele
6d8497a3c3 Fix WebDAV manual account setup
When creating a new account, the Incoming Server Settings screen
was initialized with the user name = PLAIN.
2014-08-11 11:06:45 -04:00
Joe Steele
bef10812d3 Fix so WebDAV does not have STARTTLS auth. type option 2014-08-11 11:06:43 -04:00
Joe Steele
eb68bc0a9d Avoid NPE on export
Occurs when the SMTP server doesn't require authentication
(authenticationType == null).

The javadoc for ServerSettings says that both authenticationType and
connectionSecurity may be null.
2014-08-11 11:06:42 -04:00
Joe Steele
34fd6d3ea7 Import/Export client certificate alias setting 2014-08-11 11:06:40 -04:00
Joe Steele
ada74db8d5 Refactor KeyChainKeyManager()'s sClientCertificateReferenceWorkaround
The referenced issue states that it is only applicable to Android < 4.2
(testing confirms the problem on 4.1.2, but not on 4.2.2).

A test was added for the version code, primarily as a finder's aid for a
day when K-9 Mail no longer supports Android < 4.2 and the work-around can
be removed.

The referenced issue also states that it is only necessary to hold a
reference to the first PrivateKey retrieved. (Testing indicates that the
problem is avoided so long at least one reference is always maintained to
a PrivateKey -- it doesn't actually need to be a continuous reference to
the first PrivateKey.)

From my understanding, a normal class loader never unloads a class, so the
static reference can be safely kept privately in KeyChainKeyManager.
2014-08-11 11:06:38 -04:00
Joe Steele
710e7a4430 Notify user of invalid account-setup settings combo
Specifically, warn and block them when attempting to configure Client
Certificate Authentication in combination with Connection Security = None.

If this were not made obvious to the user, they might not understand why
they are not permitted to tap "Next".

Also, move the initialization of all view listeners out of onCreate() into
initializeViewListeners() which is then called near the end of onCreate(),
helping to assure that the listeners won't be triggered during the
initialization of views inside onCreate().
2014-07-28 22:55:34 -04:00
Joe Steele
3c025379d4 Rework validateFields() and updateViewFromAuthType()
Previously, it was possible to have "Require sign-in" unchecked and a
"Security = None" setting for the outgoing server and still not be able to
tap "Next" because of a hidden (and irrelevant) "Authentication = Client
certificate" setting.

Check that the user has actually chosen a client certificate in
AccountSetupOutgoing.validateFields().

Also, there's no need to clear the password and certificate fields when
hiding them.  The user may accidentally change settings and want to change
them back without wiping out the existing settings.
2014-07-13 16:02:21 -04:00
Joe Steele
cf718780f6 Fixes needed after merging in master
Also, fix unit tests.
2014-07-04 19:23:43 -04:00
Joe Steele
3142a9a225 Merge branch 'master' into tls-client-cert-auth
Conflicts:
	src/com/fsck/k9/fragment/ConfirmationDialogFragment.java
2014-07-04 18:08:07 -04:00
cketti
ba69b3a647 Remove ActionBarSherlock 2014-06-21 17:09:45 +02:00
Mike Perry
d67a59b77f Fixes for cketti's code review on pull req #472
Leave the hostname == null checks so we can fall back if a hostname is not
found. Also convert message-id to upper case to match Apple Mail (for
privacy).
2014-06-13 17:49:26 -07:00
Dominik Schürmann
aad171ff7e Client Certificate Authentication 2014-06-05 21:03:18 +02:00
Mike Perry
38c90146e1 Issue 6372: Add preference for setting timezone to UTC.
This is a privacy preference to avoid leaking your current location while
replying to email.
2014-05-27 07:53:50 -07:00
Mike Perry
87802a01ef Issue 4690: Add privacy pref to omit K-9 User-Agent header. 2014-05-27 07:53:18 -07:00
Mike Perry
7ac7fe2cfe Issue 3559: Use From or ReplyTo hostname in Message-ID if available.
I wrote this fix to avoid obviously specifying that I am using a mobile device
to reply to an email.

Others want this for ease of filtering messages from their host by Message-ID.
2014-05-27 07:51:23 -07:00
cketti
082e13df26 Add support for delete confirmation in message list
Fixes issue 6260
2014-05-18 20:21:33 +02:00
cketti
95f33c38fe Merge pull request #468
Extract a TextBodyBuilder class

Conflicts:
	src/com/fsck/k9/activity/MessageCompose.java
2014-05-04 03:54:10 +02:00
Joe Steele
ed3fcf375a Eliminate unused variable & redundant call
There are no side effects.

The subsequent executeOpenPgpMethod() calls
getOpenPgpInputStream() which calls
buildText(false)
2014-05-03 12:58:46 -04:00
Joe Steele
00a60a0f4f Clean up lint items
Eliminate unused variables/fields/imports
2014-05-03 12:51:37 -04:00
Joe Steele
523180020c Don't use enum ordinal as array index, v. 2
This revises commit 51aa34d per the GitHub comments therewith.
2014-05-03 11:44:21 -04:00
Joe Steele
5cc4d7c6a9 Avoid NPE in MessageOpenPgpView.updateLayout()
E/AndroidRuntime(24914): FATAL EXCEPTION: main
E/AndroidRuntime(24914): Process: com.fsck.k9, PID: 24914
E/AndroidRuntime(24914): java.lang.NullPointerException
E/AndroidRuntime(24914):    at org.openintents.openpgp.util.OpenPgpServiceConnection.<init>(OpenPgpServiceConnection.java:35)
E/AndroidRuntime(24914):    at com.fsck.k9.view.MessageOpenPgpView.updateLayout(MessageOpenPgpView.java:115)
E/AndroidRuntime(24914):    at com.fsck.k9.view.SingleMessageView.setMessage(SingleMessageView.java:623)
E/AndroidRuntime(24914):    at com.fsck.k9.fragment.MessageViewFragment$Listener$2.run(MessageViewFragment.java:602)
E/AndroidRuntime(24914):    at android.os.Handler.handleCallback(Handler.java:733)
E/AndroidRuntime(24914):    at android.os.Handler.dispatchMessage(Handler.java:95)
E/AndroidRuntime(24914):    at android.os.Looper.loop(Looper.java:136)
E/AndroidRuntime(24914):    at android.app.ActivityThread.main(ActivityThread.java:5081)
E/AndroidRuntime(24914):    at java.lang.reflect.Method.invokeNative(Native Method)
E/AndroidRuntime(24914):    at java.lang.reflect.Method.invoke(Method.java:515)
E/AndroidRuntime(24914):    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:791)
E/AndroidRuntime(24914):    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:607)
E/AndroidRuntime(24914):    at dalvik.system.NativeStart.main(Native Method)
2014-05-03 11:43:05 -04:00
Joe Steele
e0ce5fc4ce Eliminate superclass callbacks
Service components don't need to call
super.onCreate() and super.onDestroy()
2014-05-03 10:36:36 -04:00
cketti
e2cffa074f Update/remove comments 2014-05-03 06:33:33 +02:00
cketti
a9cfa9ae68 Code style
No functional changes
2014-05-03 06:13:38 +02:00
Koji Arai
3a02bfb0a9 I have deleted a change in 0323af0. 2014-05-03 06:12:56 +02:00
Koji Arai
215ada2e77 astyle 2014-05-02 13:21:35 +09:00
Koji Arai
4260dc75d3 more refactor about quoted text 2014-05-02 10:45:20 +09:00
Koji Arai
68850b1dc9 Use setter for quoted text like signature 2014-05-02 09:43:14 +09:00
Koji Arai
e163fb87e1 set signature parameter when it is only necessary 2014-05-02 09:06:23 +09:00
Koji Arai
00fb83e1b3 fixup! Use local variable for more readability 2014-05-02 08:49:01 +09:00
Koji Arai
421879e9cf Remove unused getter 2014-05-02 08:39:07 +09:00
Koji Arai
56a48476e4 Rename mDraft to mInsertSeparator. 2014-05-02 08:36:46 +09:00
Koji Arai
a08687b70e Use local variable for more readability. 2014-05-02 08:28:50 +09:00
Koji Arai
6155a65f65 Refactoring: extract a class TextBodyBuilder 2014-05-02 01:33:39 +09:00