1
0
mirror of https://github.com/moparisthebest/k-9 synced 2024-11-27 11:42:16 -05:00
Commit Graph

3094 Commits

Author SHA1 Message Date
Dominik Schürmann
05d8fb5e42 Hide client cert option under advanced options dropdown 2014-08-27 11:48:49 +02:00
Dominik Schürmann
2a1733564e Add FoldableLinearLayout for advanced options 2014-08-27 11:30:53 +02:00
Joe Steele
e4d26b8c75 Remove code for unsupported API levels
An assortment of miscellaneous changes, each usually limited in scope to a
single file.
2014-08-19 17:17:55 -04:00
Joe Steele
bc60c860b8 Remove com.fsck.k9.helper.NotificationBuilder
Only useful on pre-Honeycomb devices.
2014-08-19 17:17:52 -04:00
Joe Steele
786511ed88 Simplify ClipboardManager
No longer API dependent.
2014-08-19 17:17:50 -04:00
Joe Steele
028f6f9055 Remove AccessibleWebView
Only used on pre-ICS devices
2014-08-19 17:17:48 -04:00
Joe Steele
0fba273357 Remove the obsolete "Condensed layout" preference 2014-08-19 17:17:45 -04:00
Joe Steele
8166f03e87 Remove obsolete "Show unread count" preference
Only applies to pre-Honeycomb devices
2014-08-19 17:17:42 -04:00
Joe Steele
af77bbd1bc Eliminate obsolete background data sync option
It only applied to pre-ICS devices.

ConnectivityManager.ACTION_BACKGROUND_DATA_SETTING_CHANGED is no longer
broadcast.

ConnectivityManager.getBackgroundDataSetting() always returns true.
2014-08-19 17:14:44 -04:00
Joe Steele
c472b89d23 Additional 'Show password' changes after merging master 2014-08-19 16:48:11 -04:00
Joe Steele
1783dd1a63 Merge branch 'master' into tls-client-cert-auth
Conflicts:
	res/layout/account_setup_basics.xml
	res/values/strings.xml
	src/com/fsck/k9/activity/setup/AccountSetupBasics.java
2014-08-19 16:19:02 -04:00
Joe Steele
b39f9b95f1 Move initializeViewListeners() to onPostCreate()
Per comments in PR #474

https://github.com/k9mail/k-9/pull/474#commitcomment-7417262
2014-08-19 15:50:32 -04:00
Joe Steele
f7fb0cca41 Compare Enum types with ==, !=
Per comments in PR #473

https://github.com/k9mail/k-9/pull/474#commitcomment-7416979

https://github.com/k9mail/k-9/pull/474#commitcomment-7416999
2014-08-18 18:12:39 -04:00
pylerSM
a495627d72 Show password feature 2014-08-18 13:06:25 +02:00
cketti
a659393326 Make fields in KeyChainKeyManager final 2014-08-18 05:18:38 +02:00
cketti
ac08f520ae Remove KeyChainKeyManager's dependency on 'K9.app' 2014-08-18 05:08:01 +02:00
cketti
4ce2a56b0c Synchronize access to sClientCertificateReferenceWorkaround
Also, refactor for easier readability.
2014-08-18 04:59:57 +02:00
Joe Steele
c881207295 Use isFinishing() instead
As suggested by @maniac103
https://github.com/k9mail/k-9/commit/41570e4#commitcomment-7388209
2014-08-14 16:22:51 -04:00
Joe Steele
c8f6c4d625 Eliminate searching for '3' in exception message
This was dead code.  The exception message will always start with either
"SMTP response is 0 length" from checkLine() or else "Negative SMTP reply"
from NegativeSmtpReplyException().

The problem originated from way back before 4.904.
2014-08-11 11:08:51 -04:00
Joe Steele
21237c3720 KeyChainKeyManager modifications
The constructor now saves the certificate chain, so the code to retrieve
it again or to perform any additional error checking in
getCertificateChain() is no longer needed.

The constructor now retrieves and saves the private key so that any
resulting errors are detected sooner.

Methods that retrieve the alias perform checks to assure that the client
cert. satisfies the requested issuers and key type.  It's known that
Sendmail may provide a list of issuers in its certificate request, but
then may authenticate against a much larger set of CAs, but then later
reject the mail because the client certificate was not acceptable.
Vetting against the issuer list helps detect such certificate problems
sooner (upon connection) rather than later (upon transmission of mail).
Earlier error detection is necessary so that errors may be presented to
the user during account setup.

Portions of these modifications are based on code from KeyManagerImpl:
https://android.googlesource.com/platform/external/conscrypt/+/master/src/main/java/org/conscrypt/KeyManagerImpl.java
2014-08-11 11:08:26 -04:00
Joe Steele
2b05f90d4d Move KeyChainKeyManager
Move KeyChainKeyManager to com.fsck.k9.net.ssl because it is used by
SslHelper and because the class extends X509ExtendedKeyManager, which is
in javax.net.ssl.
2014-08-11 11:08:24 -04:00
Joe Steele
c5085be2ca Restore view visibility based on restored CheckBox state
The problem can be observed if, when modifying the outgoing server
settings, you change the state of the mRequireLoginView check box,
then change the screen orientation.

This is necessary because the OnCheckChanged listener (which
normally updates the view visibility) is not yet set. (The listeners
are set up after view initialization so that they only fire on
user input.)
2014-08-11 11:08:22 -04:00
Joe Steele
346d903ec3 Only trigger certificate chooser on user input
It should not be triggered when the instance state is restored
with an AuthType spinner selection of EXTERNAL.

The logic here for the AuthType spinner is similar to that of
the parent commit for the SecurityType spinner.
2014-08-11 11:08:20 -04:00
Joe Steele
5d5fab3081 Fix default port setting reversion
The problem:  begin modifying the server settings by changing the security
type (which will change the port to a default value), then change the port
to a custom value, then change screen orientation.  The default port value
is restored, wiping out the custom value.

When onRestoreInstanceState() is called, the custom port value is
restored.  But the spinner doesn't actually restore its state at that
time.  Instead, it waits until View.layout(), at which time it posts a
runnable to call onItemSelected() if the restored state doesn't match the
state initialized in onCreate().  When onItemSelected() is eventually run
sometime later, it wipes out the custom port value that was restored.

The solution is to keep track of the spinner state ourselves and only
revert the port to a default when we see the spinner state changed by the
user.

This problem goes back to 4.904 and before.
2014-08-11 11:07:58 -04:00
Joe Steele
cf3561da5c Trigger certificate chooser when check box checked
For convenience.  Implemented in onCheckChanged().

As a consequence, onCheckChanged() must not be triggered when the instance
state is restored (would occur if the check box state was checked when
saved), otherwise the certificate chooser would pop up once the state was
restored.  Therefore, all listeners have been moved into
initializeViewListeners() which is invoked after the state has been
restored.

Because onCheckChanged() is no longer triggered in
onRestoreInstanceState(), updateViewVisibility() was implemented to
restore the view visibility.
2014-08-11 11:07:56 -04:00
Joe Steele
301ac48a38 Throw CertificateValidationException if EXTERNAL authentication fails
This is done when the SASL EXTERNAL mechanism isn't advertised (indicating
the possibility that the server did not accept the client certificate) or
when the command for authenticating with SASL EXTERNAL fails.

The CertificateValidationException will trigger a notification to the user
that there's an authentication problem that needs addressing.

Also, there were instances where CertificateValidationException was being
thrown with a new CertificateException as the cause for the purpose of
notifying the user when STARTTLS is not available.  This has been slightly
simplified by eliminating the need to include a new CertificateException
as a cause.
2014-08-11 11:07:54 -04:00
Joe Steele
b557ba008c Implement SMTP AUTH EXTERNAL
Also, simplify by using Utility.base64Encode(String) in lieu of
new String(Base64.encodeBase64(String.getBytes())
2014-08-11 11:07:53 -04:00
Joe Steele
c0be0eea12 Use the correct POP3 AUTH command 2014-08-11 11:07:51 -04:00
Joe Steele
fe033e014f Avoid setting conflict warning when SMTP login not required 2014-08-11 11:07:49 -04:00
Joe Steele
65144e3759 Handle client certificate errors
If the alias is empty or null, don't bother using KeyChainKeyManager.

If the alias is not empty, confirm that it is associated with a
certificate, otherwise throw a CertificateValidationException
which will notify the user of the problem and ask the user to
check the server settings.

Likewise, the user is notified if the client certificate was
not accepted by the server.
2014-08-11 11:07:48 -04:00
Joe Steele
231f3645f9 Trigger certificate chooser on authentication change
If the user chooses client certificate authentication,
immediately pop up the certificate chooser.

If the user chooses password authentication, move the focus to the
password View.
2014-08-11 11:07:46 -04:00
Joe Steele
21cc3d9176 Remove ClientCertificateRequiredException
With this commit, KeyChainKeyManager no longer throws the exception and
AccountSetupCheckSettings no longer catches it.

It was being thrown when the server requested a client certificate but no
client certificate alias had been configured for the server.

The code was making the incorrect assumption that the server would only
request a client certificate when such a certificate was *required*.
However, servers can be configured to accept multiple forms of
authentication, including both password authentication and client
certificate authentication.  So a server may request a certificate without
requiring it.  If a user has not configured a client certificate, then
that should not be treated as an error because the configuration may be
valid and the server may accept it.

The only indication that a certificate is *required* is when a
SSLProtocolException is thrown, caused by a SSLHandshakeException
resulting from a fatal handshake alert message received from the server.
Unfortunately, such a message is fairly generic and only "indicates that
the sender was unable to negotiate an acceptable set of security
parameters given the options available."  So there is no definitive way to
know that a client certificate is required.

Also, KeyChainKeyManager.getCertificateChain() and getPrivateKey() no
longer throw IllegalStateException().  These methods are permitted to
return null, and such a response is appropriate if the user has deleted
client certificates from the device.  Again, this may or may not cause the
server to abort the connection, depending on whether the server *requires*
a client certificate.
2014-08-11 11:07:44 -04:00
Joe Steele
fa853f7e1d Remove SslHelper.isClientCertificateSupportAvailable()
The app's minSdkVersion = 15 (Android 4.0.3, Ice Cream Sandwich MR1),
so there's no need to test the API level.

This also removes '@SuppressLint("TrulyRandom")'.  I find no
documentation for it, nor do I find any additional lint errors
with its removal.
2014-08-11 11:07:42 -04:00
Joe Steele
b10b13b865 Force manual setup if using client certificates
Presently, auto-setup doesn't support certificates,
resulting in "Cannot connect to server. (Error
while decoding store URI)".
2014-08-11 11:07:41 -04:00
Joe Steele
88016ae52e Revert unused code changes 2014-08-11 11:07:37 -04:00
Joe Steele
38e9af5320 Don't clear widgets when removing
The user may toggle the checkbox, and then decide to toggle it again.

This also fixes a problem when restoring the activity state.  When the
checkbox was restored as checked, the listener was firing and wiping the
the restored alias.
2014-08-11 11:07:35 -04:00
Joe Steele
acab554ee5 Save/Restore activity state
This assures that changes made to the port setting and to the chosen
client certificate are saved and restored.
2014-08-11 11:07:34 -04:00
Joe Steele
2e981e0c7d Don't trigger validateFields() except on user input
Previously, with settings of Security=SSL and authentication=certificate,
attempting to change Security=None would (of course) be blocked.  So
Security would remain SSL.  But the authentication options would then
include "Password, transmitted insecurely", whereas the option should
have remained as "Normal password" (because the security remained SSL).

The problem could have been fixed with a simple shuffling in
updatePortFromSecurityType() so that updateAuthPlainTextFromSecurityType()
was invoked before mPortView.setText(), but the logic for requiring that
ordering was not plain to see.  (Although no longer necessary, the
shuffling was done as well.)
2014-08-11 11:06:50 -04:00
Joe Steele
c861b27df8 Fix outgoing server settings display
Add test for username == "".

Without it, the mRequireLoginView remains checked, and the empty username
and password boxes are not hidden.

The problem occurs if importing an SMTP server that has an
authenticationType, but no username or password (i.e., no authentication
required).

That's the way settings were exported in 4.904 and before.
2014-08-11 11:06:48 -04:00
Joe Steele
373c7569ed Fix password prompts on account import
Don't prompt if server's AuthType == EXTERNAL

Don't prompt for SMTP servers that don't require authentication
(no user name).
2014-08-11 11:06:46 -04:00
Joe Steele
6d8497a3c3 Fix WebDAV manual account setup
When creating a new account, the Incoming Server Settings screen
was initialized with the user name = PLAIN.
2014-08-11 11:06:45 -04:00
Joe Steele
bef10812d3 Fix so WebDAV does not have STARTTLS auth. type option 2014-08-11 11:06:43 -04:00
Joe Steele
eb68bc0a9d Avoid NPE on export
Occurs when the SMTP server doesn't require authentication
(authenticationType == null).

The javadoc for ServerSettings says that both authenticationType and
connectionSecurity may be null.
2014-08-11 11:06:42 -04:00
Joe Steele
34fd6d3ea7 Import/Export client certificate alias setting 2014-08-11 11:06:40 -04:00
Joe Steele
ada74db8d5 Refactor KeyChainKeyManager()'s sClientCertificateReferenceWorkaround
The referenced issue states that it is only applicable to Android < 4.2
(testing confirms the problem on 4.1.2, but not on 4.2.2).

A test was added for the version code, primarily as a finder's aid for a
day when K-9 Mail no longer supports Android < 4.2 and the work-around can
be removed.

The referenced issue also states that it is only necessary to hold a
reference to the first PrivateKey retrieved. (Testing indicates that the
problem is avoided so long at least one reference is always maintained to
a PrivateKey -- it doesn't actually need to be a continuous reference to
the first PrivateKey.)

From my understanding, a normal class loader never unloads a class, so the
static reference can be safely kept privately in KeyChainKeyManager.
2014-08-11 11:06:38 -04:00
Philipp Haselwarter
7aa4c1308e Configure mail notifications by folder class
In response to Issue 1794,
- add a configuration option in the account preferences to show
  notifications only for 1st/2nd/etc class folders
- add an option in the folder preferences to set the notification class
  as 1st, 2nd or inherited from the folder's push class

The default behaviour remains unchanged.
2014-08-06 11:04:07 +02:00
Joe Steele
41570e4305 Fix leaked window error in FolderList
Observed after wiping data and then tapping a launcher shortcut
for an account.
2014-07-30 19:26:43 -04:00
Joe Steele
fe49a5f005 Avoid NPE in MessageOpenPgpView.handleError()
E/AndroidRuntime(25655): FATAL EXCEPTION: main
E/AndroidRuntime(25655): Process: com.fsck.k9, PID: 25655
E/AndroidRuntime(25655): java.lang.NullPointerException
E/AndroidRuntime(25655):     at com.fsck.k9.view.MessageOpenPgpView.handleError(MessageOpenPgpView.java:385)
E/AndroidRuntime(25655):     at com.fsck.k9.view.MessageOpenPgpView.access$3(MessageOpenPgpView.java:384)
E/AndroidRuntime(25655):     at com.fsck.k9.view.MessageOpenPgpView$DecryptVerifyCallback.onReturn(MessageOpenPgpView.java:357)
E/AndroidRuntime(25655):     at org.openintents.openpgp.util.OpenPgpApi$OpenPgpAsyncTask.onPostExecute(OpenPgpApi.java:195)
E/AndroidRuntime(25655):     at org.openintents.openpgp.util.OpenPgpApi$OpenPgpAsyncTask.onPostExecute(OpenPgpApi.java:1)
E/AndroidRuntime(25655):     at android.os.AsyncTask.finish(AsyncTask.java:632)
E/AndroidRuntime(25655):     at android.os.AsyncTask.access$600(AsyncTask.java:177)
E/AndroidRuntime(25655):     at android.os.AsyncTask$InternalHandler.handleMessage(AsyncTask.java:645)
E/AndroidRuntime(25655):     at android.os.Handler.dispatchMessage(Handler.java:102)
E/AndroidRuntime(25655):     at android.os.Looper.loop(Looper.java:136)
E/AndroidRuntime(25655):     at android.app.ActivityThread.main(ActivityThread.java:5128)
E/AndroidRuntime(25655):     at java.lang.reflect.Method.invokeNative(Native Method)
E/AndroidRuntime(25655):     at java.lang.reflect.Method.invoke(Method.java:515)
E/AndroidRuntime(25655):     at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:795)
E/AndroidRuntime(25655):     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:611)
E/AndroidRuntime(25655):     at dalvik.system.NativeStart.main(Native Method)
2014-07-30 19:26:41 -04:00
Joe Steele
710e7a4430 Notify user of invalid account-setup settings combo
Specifically, warn and block them when attempting to configure Client
Certificate Authentication in combination with Connection Security = None.

If this were not made obvious to the user, they might not understand why
they are not permitted to tap "Next".

Also, move the initialization of all view listeners out of onCreate() into
initializeViewListeners() which is then called near the end of onCreate(),
helping to assure that the listeners won't be triggered during the
initialization of views inside onCreate().
2014-07-28 22:55:34 -04:00
Joe Steele
3c025379d4 Rework validateFields() and updateViewFromAuthType()
Previously, it was possible to have "Require sign-in" unchecked and a
"Security = None" setting for the outgoing server and still not be able to
tap "Next" because of a hidden (and irrelevant) "Authentication = Client
certificate" setting.

Check that the user has actually chosen a client certificate in
AccountSetupOutgoing.validateFields().

Also, there's no need to clear the password and certificate fields when
hiding them.  The user may accidentally change settings and want to change
them back without wiping out the existing settings.
2014-07-13 16:02:21 -04:00
Matthias Wächter
acd756e642 Fixed https://github.com/typingArtist/k-9/issues/1. HELO/EHLO IPv6 address literals
are now conforming to RFC5321.
2014-07-05 18:59:48 +02:00
Joe Steele
cf718780f6 Fixes needed after merging in master
Also, fix unit tests.
2014-07-04 19:23:43 -04:00
Joe Steele
3142a9a225 Merge branch 'master' into tls-client-cert-auth
Conflicts:
	src/com/fsck/k9/fragment/ConfirmationDialogFragment.java
2014-07-04 18:08:07 -04:00
cketti
ba69b3a647 Remove ActionBarSherlock 2014-06-21 17:09:45 +02:00
Mike Perry
d67a59b77f Fixes for cketti's code review on pull req #472
Leave the hostname == null checks so we can fall back if a hostname is not
found. Also convert message-id to upper case to match Apple Mail (for
privacy).
2014-06-13 17:49:26 -07:00
Dominik Schürmann
aad171ff7e Client Certificate Authentication 2014-06-05 21:03:18 +02:00
Mike Perry
38c90146e1 Issue 6372: Add preference for setting timezone to UTC.
This is a privacy preference to avoid leaking your current location while
replying to email.
2014-05-27 07:53:50 -07:00
Mike Perry
87802a01ef Issue 4690: Add privacy pref to omit K-9 User-Agent header. 2014-05-27 07:53:18 -07:00
Mike Perry
7ac7fe2cfe Issue 3559: Use From or ReplyTo hostname in Message-ID if available.
I wrote this fix to avoid obviously specifying that I am using a mobile device
to reply to an email.

Others want this for ease of filtering messages from their host by Message-ID.
2014-05-27 07:51:23 -07:00
cketti
082e13df26 Add support for delete confirmation in message list
Fixes issue 6260
2014-05-18 20:21:33 +02:00
cketti
95f33c38fe Merge pull request #468
Extract a TextBodyBuilder class

Conflicts:
	src/com/fsck/k9/activity/MessageCompose.java
2014-05-04 03:54:10 +02:00
Joe Steele
ed3fcf375a Eliminate unused variable & redundant call
There are no side effects.

The subsequent executeOpenPgpMethod() calls
getOpenPgpInputStream() which calls
buildText(false)
2014-05-03 12:58:46 -04:00
Joe Steele
00a60a0f4f Clean up lint items
Eliminate unused variables/fields/imports
2014-05-03 12:51:37 -04:00
Joe Steele
523180020c Don't use enum ordinal as array index, v. 2
This revises commit 51aa34d per the GitHub comments therewith.
2014-05-03 11:44:21 -04:00
Joe Steele
5cc4d7c6a9 Avoid NPE in MessageOpenPgpView.updateLayout()
E/AndroidRuntime(24914): FATAL EXCEPTION: main
E/AndroidRuntime(24914): Process: com.fsck.k9, PID: 24914
E/AndroidRuntime(24914): java.lang.NullPointerException
E/AndroidRuntime(24914):    at org.openintents.openpgp.util.OpenPgpServiceConnection.<init>(OpenPgpServiceConnection.java:35)
E/AndroidRuntime(24914):    at com.fsck.k9.view.MessageOpenPgpView.updateLayout(MessageOpenPgpView.java:115)
E/AndroidRuntime(24914):    at com.fsck.k9.view.SingleMessageView.setMessage(SingleMessageView.java:623)
E/AndroidRuntime(24914):    at com.fsck.k9.fragment.MessageViewFragment$Listener$2.run(MessageViewFragment.java:602)
E/AndroidRuntime(24914):    at android.os.Handler.handleCallback(Handler.java:733)
E/AndroidRuntime(24914):    at android.os.Handler.dispatchMessage(Handler.java:95)
E/AndroidRuntime(24914):    at android.os.Looper.loop(Looper.java:136)
E/AndroidRuntime(24914):    at android.app.ActivityThread.main(ActivityThread.java:5081)
E/AndroidRuntime(24914):    at java.lang.reflect.Method.invokeNative(Native Method)
E/AndroidRuntime(24914):    at java.lang.reflect.Method.invoke(Method.java:515)
E/AndroidRuntime(24914):    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:791)
E/AndroidRuntime(24914):    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:607)
E/AndroidRuntime(24914):    at dalvik.system.NativeStart.main(Native Method)
2014-05-03 11:43:05 -04:00
Joe Steele
e0ce5fc4ce Eliminate superclass callbacks
Service components don't need to call
super.onCreate() and super.onDestroy()
2014-05-03 10:36:36 -04:00
cketti
e2cffa074f Update/remove comments 2014-05-03 06:33:33 +02:00
cketti
a9cfa9ae68 Code style
No functional changes
2014-05-03 06:13:38 +02:00
Koji Arai
3a02bfb0a9 I have deleted a change in 0323af0. 2014-05-03 06:12:56 +02:00
Koji Arai
215ada2e77 astyle 2014-05-02 13:21:35 +09:00
Koji Arai
4260dc75d3 more refactor about quoted text 2014-05-02 10:45:20 +09:00
Koji Arai
68850b1dc9 Use setter for quoted text like signature 2014-05-02 09:43:14 +09:00
Koji Arai
e163fb87e1 set signature parameter when it is only necessary 2014-05-02 09:06:23 +09:00
Koji Arai
00fb83e1b3 fixup! Use local variable for more readability 2014-05-02 08:49:01 +09:00
Koji Arai
421879e9cf Remove unused getter 2014-05-02 08:39:07 +09:00
Koji Arai
56a48476e4 Rename mDraft to mInsertSeparator. 2014-05-02 08:36:46 +09:00
Koji Arai
a08687b70e Use local variable for more readability. 2014-05-02 08:28:50 +09:00
Koji Arai
6155a65f65 Refactoring: extract a class TextBodyBuilder 2014-05-02 01:33:39 +09:00
Koji Arai
615a1ae9a7 Remove duplicate code. use Utility.hasConnectivity() 2014-04-28 15:36:07 +09:00
cketti
51aa34d52b Don't use enum ordinal as array index
This fixes a crash when setting up WebDAV accounts.
2014-04-27 03:29:06 +02:00
Thialfihar
b765988423 Fix APG legacy encryption 2014-04-09 19:45:37 +02:00
cketti
5640dece0f Merge pull request #462 from open-keychain/openpgp
OpenPGP: Hide lookup key button explicitly if not needed
2014-04-08 22:18:18 +02:00
cketti
510195bce7 Explicitly use the default locale 2014-04-07 20:35:16 +02:00
cketti
5c59b25367 Fix (bad) manual boxing
Fixes UseValueOf lint warning
2014-04-07 20:12:46 +02:00
cketti
8b93d37b39 Suppress warning about "inlined API" 2014-04-07 20:00:14 +02:00
cketti
ab72aa0dd7 Don't reuse IDs 2014-04-07 19:17:50 +02:00
cketti
c53973910f View class referenced from a layout should be public 2014-04-07 18:53:47 +02:00
cketti
6a6e9979e2 Fix potential ClassCastException
Implemented the fix suggested by zjw in pull request #463
https://github.com/k9mail/k-9/pull/463

Fixes issue 5928
2014-04-07 17:46:39 +02:00
Dominik Schürmann
c36ef88e64 Hide lookup key button explicitly, previously it was still visible after downloading a key 2014-04-03 15:42:57 +02:00
cketti
49dbaf034c Try to use the correct identity with OpenPGP API's EXTRA_ACCOUNT_NAME 2014-04-01 02:44:47 +02:00
cketti
cc8353d255 Merge pull request #457 from openpgp-keychain/openpgp
OpenPGP Provider API
2014-04-01 02:44:32 +02:00
Dominik Schürmann
6175c4c72d Use identity instead of account in MessageCompose, simplify account naming 2014-04-01 00:16:14 +02:00
Dominik Schürmann
974a73b07d Use new account extra to allow multiple accounts 2014-03-26 22:11:19 +01:00
cketti
5c93f105ea Avoid NullPointerException reported via Google Play 2014-03-23 00:39:10 +01:00
Joe Steele
bd4b7d3664 Issue 6280 -- SMTP Setup: ArrayIndexOutOfBoundsException: length=0; index=0
When the outgoing server settings don't require
authentication, userInfoParts.length == 0.
2014-03-20 10:56:02 -04:00
Joe Steele
95f62785fc Eliminate unused field/parameter 2014-03-20 09:47:43 -04:00
Joe Steele
b490773546 Include send failures in the K9mail-errors folder 2014-03-11 19:22:36 -04:00
Joe Steele
01d2247ffd Change POP3 error response detection
Instead of interpreting a "-" at the beginning of a line as
an error response, consider the absence of a "+" at the
beginning of a line as an error response.

This is what Thunderbird does.

http://hg.mozilla.org/releases/comm-esr24/file/55e96a433bd1/mailnews/local/src/nsPop3Protocol.cpp#l1177

The problem arises with godaddy servers spewing additional
lines of data upon login failure.  The login was being
interpreted as successful, and a STAT commanded was subsequently
being sent, resulting in a dialog saying 'Cannot connect to
server. (Invalid int: "auth_error:")'.

$ openssl s_client -quiet -crlf -connect pop.secureserver.net:995
...
+OK <24984.1394317012@pop.secureserver.net>
user testuser
+OK
pass testpass
testuser not found in the auth database
warning: auth_error: authorization failed (no such object)
-ERR authorization failed  Check your server settings.
2014-03-11 19:10:14 -04:00
Joe Steele
dc920b8641 Use the mApplication field in lieu of K9.app 2014-03-11 19:08:49 -04:00
Joe Steele
e475e51731 Rework handling of certificate errors while pushing
Eliminate import of MessagingController in ImapStore.
2014-03-11 19:08:09 -04:00
Joe Steele
a7898fa2eb Fix issue 6269: IMAP LOGIN failure
Some IMAP servers are broken and don't correctly handle string
literals with the LOGIN command.

This switches to using quoted strings instead.

This is what Thunderbird does.
2014-03-11 19:06:00 -04:00
cketti
c2abfbe165 Exclude error folder from unread/starred count 2014-03-09 05:00:42 +01:00
Dominik Schürmann
949f8ae47e Fix documentation and variable naming 2014-03-06 13:58:06 +01:00
cketti
567ba9c712 Enable connection security by default when setting up an account 2014-03-05 06:47:59 +01:00
cketti
3ca03e8a9d Use SSL/TLS as fallback when importing server settings 2014-03-05 06:29:56 +01:00
cketti
ff5edf43d4 Merge branch 'pr/453'
Authentication changes

 message to explain why this merge is necessary,
2014-03-05 06:19:55 +01:00
cketti
617123c58b Remove SimpleX509TrustManager because it's no longer used 2014-03-05 06:03:06 +01:00
cketti
75fc76773d Make sure settings import doesn't degrade connection security
Rewrite the now obsolete values "SSL_TLS_OPTIONAL" and "STARTTLS_OPTIONAL"
 to their "*_REQUIRED" counterparts before import.
2014-03-05 05:32:00 +01:00
cketti
0a63466704 Add missing import 2014-03-05 04:16:57 +01:00
Dominik Schürmann
6881daae6a Remove debug logs 2014-03-04 22:11:42 +01:00
Dominik Schürmann
f5b1ed920b Handle SIGNATURE_SUCCESS_UNCERTIFIED, code cleanup 2014-03-04 15:10:20 +01:00
Joe Steele
094318dacb Use buffered output streams for all output
POP3 already does this.

This is a more general solution to the problem
addressed in commit 8bfd6ca.
2014-03-03 17:31:26 -05:00
Joe Steele
df3eef0052 Fix the K9mail-errors folder
Error messages were not being put in the folder because of a problem with
how loopCatch was being handled.

It looks like this problem goes back to commit 5aea9e7.

Additional device info has been added to the error messages.

Also, now the feature is only enabled in debug mode.
2014-03-03 17:31:23 -05:00
Joe Steele
c8150a12fa Show account name in certificate error notifications
getName() shows the user's name from the first identity for the account.

What we really want is getDescription(), which is the account name that
shows in the account list.
2014-03-03 17:31:20 -05:00
Joe Steele
d67c054d4d Restart pushers after editing server settings
If an error occurs while connecting for push (for example, if the server's
certificate fails authentication), several more attempts will be made to
connect, then finally all attempts will cease.

This commit makes it so that pushers are restarted if the user goes in and
edits the server settings (presumably because the user was notified of a
problem and is attempting to fix it).  Without this, the user could fix
the problem and would still not receive email via push.
2014-03-03 17:29:54 -05:00
Joe Steele
9dc5338501 Eliminate WebDAV STARTTLS security choice
STARTTLS doesn't really apply to WebDAV and should never have been made
available as an option.

Pre-existing settings will be re-mapped to SSL/TLS.
2014-03-03 17:29:51 -05:00
Joe Steele
14a0a7a2a7 Provide notification if STARTTLS is not available 2014-03-03 17:29:48 -05:00
Joe Steele
daea7f1ecd Eliminate the 'if available' connection security options
These options originated in the AOSP email client from which K-9 Mail was
forked.  They provide an odd combination of 2 features:

1. Don't bother to authenticate the server's certificate (applies to both
SSL/TLS and STARTTLS); i.e., blindly accept all certificates.  This is
generally a bad security policy which is susceptible to MITM attacks.

2. If STARTTLS is selected but the server doesn't claim to support
STARTTLS, then proceed without using encryption.  This, too, is a bad
security policy which is susceptible to MITM attacks.

Since the time that K-9 Mail was forked, a couple things have changed:

> K-9 Mail has implemented the ability for users to review and permanently
accept individual certificates that would otherwise fail authentication.
With this ability, there is no need for a user to subject themselves to
the ongoing risks of feature 1. above.  Hence, this commit removes feature
1.

> The AOSP email client has changed its behavior and no longer permits a
security downgrade to an unencrypted connection if the server doesn't
claim to support STARTTLS (i.e., they eliminated feature 2. above). K-9
Mail should do the same.  It's unlikely that a server is going to provide
STARTTLS on an intermittent basis, so providing a contingency for such
unusual behavior is an unnecessary risk.  Hence, this commit removes that
feature as well.

Effect on existing users:

If the old connection security setting was "SSL/TLS (if available)" (which
now gets remapped to "SSL/TLS"), and the server does not provide a
certificate that can be authenticated, then a "Certificate error for
<account name>" notification is generated telling the user to check their
server settings.  Tapping the notification takes the user to the relevant
server settings, where the user can tap "Next" to review the certificate
and choose to permanently accept it.  This process would occur during the
first syncing of folders after application upgrade or (in the case of
SMTP) during the first attempt to send a message.

If the connection security setting was "STARTTLS (if available)" (which
now gets remapped to "STARTTLS"), and the server does not provide a
certificate that can be authenticated, then the same process as above
would occur.

If the old connection security setting was "STARTTLS (if available)", and
the server doesn't claim to support STARTTLS, then the user would get a
certificate error notification which would lead them to the server's
settings.  There they would need to choose a different connection security
-- most likely "NONE".  If they didn't change anything but instead just
tapped "Next", the server settings would be checked again and a dialog
would pop up saying, "Cannot connect to server. (STARTTLS connection
security not available)". (The implementation of notifications when
STARTTLS is not available is not actually included here -- it's in the
commit that follows.)

Regarding the changes to providers.xml:  in cases where the scheme ended
with "+ssl", the schemes were simply updated by appending "+".  In cases
where the scheme ended with "+tls", a check of the server was made to
assure that STARTTLS was available before appending "+" to the scheme.
Domains paran.com and nate.com failed the check and were removed because
no current information could be found.  Domains me.com and mac.com also
failed and were updated based on http://support.apple.com/kb/ht4864.
2014-03-03 17:23:00 -05:00
Joe Steele
39590d49bd Notify user of certificate errors while pushing
Previously, if a server's certificate failed authentication while
connecting for push (if, for example, the certificate had expired), then
the attempt to connect would fail, and another attempt would be tried
later.  After a certain number of failed attempts, no further attempts
would be made.  Meanwhile, the user is oblivious to the failures, and it
could be quite some time before the user realizes that they are not
getting email.  Even when they do realize it, they would not know the
cause.

With this commit, users receive a notification when such failures occur
while connecting for push.  (These notifications are already generated
with failures while polling.)  Tapping the notification will take the user
to the relevant server settings where they can choose to accept the
certificate.
2014-03-03 17:18:49 -05:00
Joe Steele
8d0901a178 Delete old journals when moving the database 2014-03-03 11:03:16 -05:00
Joe Steele
0f991b434e Use Locale.US where appropriate
Applicable for strings not intended for user consumption.

A %d string format code can generate eastern-arabic numerals
for users with an arabic locale.

V/k9      (20763): conn1103774136>>> 5 UID SEARCH ٦٤٦:٦٧٠ NOT DELETED
V/k9      (20763): conn1103774136<<<#5# [BAD, Invalid Search criteria]
E/k9      (20763): synchronizeMailbox
E/k9      (20763): com.fsck.k9.mail.store.ImapStore$ImapException: Command: UID SEARCH ٦٤٦:٦٧٠ NOT DELETED; response: #5# [BAD, Invalid Search criteria]
2014-03-03 10:40:23 -05:00
Joe Steele
0509e1541c Use Locale.US where appropriate 2014-03-03 10:08:07 -05:00
Dominik Schürmann
4a69ef1509 New OpenPGP Provider API 2014-03-02 16:51:47 +01:00
cketti
47e09c92ea Merge pull request #456 from asdil12/single_pkg_command
Fix sendCommand line splitup
2014-03-01 07:39:52 +01:00
cketti
bf9264dbb0 Merge pull request #454 from mallamanis/master
Renaming variables for codebase consistency
2014-03-01 07:39:07 +01:00
yulin2
fa7118dab3 Put long-running operation into AsyncTask 2014-03-01 06:04:50 +01:00
cketti
abc765e893 Don't combine strings in code 2014-03-01 05:12:01 +01:00
Dominik Heidler
8bfd6ca3e0 Fix sendCommand line splitup for some imap proxys
When sending a command it would be sent like this:
PKG1: 1 STARTTLS
PKG2: \r\n

Some imap proxys (maybe from Fortinet?) don't accept commands across packets:
PKG1: 1 STARTTLS\r\n
2014-02-28 18:17:11 +01:00
Miltos Allamanis
c17d0323f2 Renamed "identitiy" to "identity".
The naturalize tool detected that using "identity" is more consistent
with the current codebase state:
* "identity" in SettingsImporter is 78.46% probable ("identitiy" 21.54%)
2014-02-26 14:49:24 +00:00
Miltos Allamanis
cfeed40781 Renamed "tokens" to "tokenizer".
The naturalize tool detected that using "tokenizer" is more consistent
with the current codebase state:
* "tokenizer" in MessageCompose is 60.40% probable ("tokens" 39.60%)
2014-02-26 14:49:14 +00:00
Miltos Allamanis
6075addfd0 Renamed "local_folder" to "localFolder".
The naturalize tool detected that using "localFolder" is more consistent
with the current codebase state:
* "localFolder" in MessageListFragment is 76.31% probable ("local_folder" 23.69%)
2014-02-26 14:49:06 +00:00
Miltos Allamanis
2df205874e Renamed "s" to "sizeParam".
The naturalize tool detected that using "sizeParam" is more consistent
with the current codebase state:
* "sizeParam" in LocalStore is 22.89% probable ("s" 10.52%)
2014-02-26 14:27:35 +00:00
Miltos Allamanis
be2b3b1ec2 Renamed "usee" to "uee".
The naturalize tool detected that using "uee" is more consistent with
the current codebase state:
* "uee" in LocalStore is 28.47% probable ("usee" 5.01%)
* "uee" in TextBody is 45.02% probable ("usee" 9.10%)
2014-02-26 14:23:33 +00:00
Joe Steele
540de158a0 Change the PLAIN auth. option text based on encryption
If the user chooses a connection security option which assures the use of
encryption, then the PLAIN auth. option is labeled "Normal password",
otherwise it is labeled "Password, transmitted insecurely".

This is similar to Thunderbird's behavior.
2014-02-25 15:22:44 -05:00
Joe Steele
f7d397ea09 Eliminate SMTP AUTOMATIC authentication
The server settings for IMAP and POP3 have no such AUTOMATIC setting.
(Nor does Thunderbird have any such setting.)

The AUTOMATIC option is no longer offered to users as a choice.  A
pre-existing setting will continue to be honored, but only to the extent
that it doesn't result in insecure password transmission.  Users in such a
situation will get a "Failed to send some messages" notification
containing the exception text that says to update their outgoing server
authentication setting.

One of the problems with "AUTOMATIC" is that users may not fully
understand its security implications.  For example, a MITM attack could
mask a server's support for STARTTLS and CRAM-MD5, resulting in password
disclosure in certain configurations.

This commit also makes changes to the SMTP authentication process.  No
attempt is made to authenticate using methods that the server does not
profess to support in its EHLO response.  This is the same behavior as
found in Thunderbird.
2014-02-25 15:22:43 -05:00
Joe Steele
23f8d53178 Use Transport.decodeTransportUri and Transport.createTransportUri
rather than manually creating the URIs.

This mirrors behavior that occurs in AccountSetupIncoming.
2014-02-25 15:22:40 -05:00
Joe Steele
c7e46faf0a Simplify code with better use of enum ConnectionSecurity 2014-02-25 15:22:38 -05:00
Joe Steele
90fedf7125 Eliminate the LOGIN authentication option from SMTP
The LOGIN option is no longer offered to users as a choice.  This does
*not* eliminate the SASL LOGIN authentication mechanism.  Any pre-existing
LOGIN setting or any imported LOGIN setting will still be recognized.  In
all cases, a user setting of either "Normal password" or "LOGIN" will
result in the SASL PLAIN mechanism being tried first if available,
otherwise SASL LOGIN will be tried if available.

This mirrors similar behavior that exists for IMAP.
2014-02-25 15:22:37 -05:00
Joe Steele
dc9720ca13 Use localized strings for authentication type
AUTOMATIC = "Automatic"
PLAIN = "Normal password"
CRAM_MD5 = "Encrypted password"

SMTP also uses LOGIN.  No localized text was associated with that because
a future commit will remove that option.

(The text is similar to that of Thunderbird's)
2014-02-25 15:22:35 -05:00
Joe Steele
f24ac67e4d Ignore case for SMTP extension keywords
The server is permitted to use mixed case keywords.
This converts them to upper case on receipt.
2014-02-25 15:22:33 -05:00
Joe Steele
64fd04ece2 POP3 authentication improvements
Changes:

Extract code and create login() and authCramMD5() methods.

Implement the SASL PLAIN authentication mechanism.  Its primary benefit is
the explicit support for UTF-8.  If the user has configured "PLAIN"
authentication, then SASL PLAIN will be used, if available, otherwise
login() will be used.

Implement POP3 APOP authentication (issue 3218).  If the user has
configured "CRAM_MD5" authentication (a future commit will change this
user option to a localized string "Encrypted password"), then SASL
CRAM-MD5 will be used, if available, otherwise the availability of POP3
APOP will be checked and used (per RFC 2449, there is no APOP
"capability").

Extend getCapabilities() to check for available authentication methods by
sending the "AUTH" command with no arguments
(http://tools.ietf.org/html/draft-myers-sasl-pop3-05).  This never became
a standard, but there are servers that support it, and Thunderbird
includes this check.

The SASL PLAIN and CRAM-MD5 authentication methods are not attempted
unless the server professes to have the appropriate capability.
(Previously, CRAM-MD5 was tried regardless of capability.)  No check is
made for the USER capability prior to use of that method.  All this is the
same behavior as in Thunderbird.

Eliminate the testing for capabilities in cases where the test results are
never used (PIPELINING, USER).

Change when getCapabilities() is called.  It is called once upon
connection.  If STARTTLS is negotiated (POP3 STLS), then
getCapabilities() is called again after the connection is encrypted (and
the server is authenticated), but before user authentication is attempted.
2014-02-25 15:22:32 -05:00
Joe Steele
26491676fa Retrict use of AuthenticationFailedException
In AccountSetupCheckSettings.onCreate(Bundle), the account settings are
checked.

If an AuthenticationFailedException occurs, A dialog saying "Username or
password incorrect." pops up.  We don't want to say this if the cause is
not related to an incorrect user name or password.  Instead we want to say
the more generic "Cannot connect to server" which pops up for other
exception types.

This commit attempts to eliminate the use of AuthenticationFailedException
in instances where it could not be due to "Username or password
incorrect."
2014-02-25 15:22:30 -05:00
Joe Steele
3877f58515 (partially) Fix IMAP LOGIN
Previously, the user name and password were being transmitted as IMAP (RFC
3501) quoted strings.

The problem is that quoted strings are only permitted to carry 7-bit
(ASCII) data, whereas user names and passwords entered in K-9 Mail may not
be ASCII, so K-9 was violating the RFC by sending them as quoted strings.

The solution is to transmit the credentials as IMAP literal strings, which
are permitted for user names and passwords, and which permit the
transmission of 8-bit data.

This is only a partial attempt for fixing the LOGIN command for users with
non-ASCII credentials.  The problem is that IMAP permits 8-bit data for
user names and passwords (if transmitted as literals), but the RFC says
nothing about the character encoding for 8-bit data.  This commit encodes
them as UTF-8.

The RFC author's comments on the subject:
http://mailman2.u.washington.edu/pipermail/imap-protocol/2008-February/000822.html

Ideally, users should avoid the LOGIN command and use the SASL PLAIN
mechanism (within TLS) which explicitly permits UTF-8. (K-9 Mail always
chooses PLAIN over LOGIN, when PLAIN is available.)
2014-02-25 15:22:28 -05:00
Joe Steele
6f49ebd975 Permit UTF-8 names & passwords with CRAM-MD5 authentication
CRAM-MD5 (RFC 2195) permits 8-bit data but does not identify its encoding.
Since ASCII does not permit 8-bit data, this commit changes the encoding
to UTF-8.

There is an expired Internet-Draft that proposed that the RFC be changed
to explicitly require UTF-8 encoding of user names and shared secrets.
(But then there's also an expired draft proposing that CRAM-MD5 be retired
to historic status.)

Instead of CRAM-MD5, a better option for users is the SASL PLAIN mechanism
(within TLS) which explicitly permits UTF-8.
2014-02-25 15:22:26 -05:00
Joe Steele
1d1b14da21 Fix ImapStore$ImapConnection.authCramMD5()
See Issue 4492

This method made way too many assumptions about server responses and
should not have been attempting to read and parse them.  That should be
left to ImapResponseParser.
2014-02-25 15:22:24 -05:00
Joe Steele
871ee1cc6c IMAP authentication improvements
Changes:

Implement the PLAIN SASL mechanism.  IMAPv4rev1 assures its availability
so long as the connection is encrypted.  The big advantage of PLAIN over
IMAP "LOGIN" is that PLAIN uses UTF-8 encoding for the user name and
password, whereas "LOGIN" is only safe for 7-bit US-ASCII -- the encoding
of 8-bit data is undefined.

(Note that RFC 6855 says that IMAP "LOGIN" does not support UTF-8, and
clients must use IMAP "AUTHENTICATE" to pass UTF-8 user names and
passwords.)

Honor the "LOGINDISABLED" CAPABILITY (RFC 2595) when the server declares
it.  There's no sense transmitting a password in the clear when it is
known that it will be rejected.

No attempt is made to try CRAM-MD5 if the server doesn't profess to
support it in its CAPABILITY response. (This is the same behavior as
Thunderbird.)

Extract code from ImapConnection.open into new method
ImapConnection.login.

Extract code from ImapConnection.executeSimpleCommand into new method
ImapConnection.readStatusResponse.

Related issues:  6015, 6016
2014-02-25 15:22:22 -05:00
Joe Steele
1091e7af99 Eliminate non-working text replacements
All \r and \n codes have been replaced with <br />, so the patterns in
these replacements don't match anything.

This problem has existed for some time -- since commits 1ea27d7 and
e12dd32.

No attempt is made here to reimplement the replacements because users are
now used to the current behavior without much apparent complaint, and such
replacements are never perfect and can occasionally fail to work as
desired without additional tweaking for special cases.
2014-02-25 12:58:56 -05:00
cketti
8eb68c416a Avoid adding the same recipient twice when using "reply to all"
Fixes issue 6056
2014-02-23 00:30:53 +01:00
cketti
1be9272b9b Merge pull request #449 from dnet/cleanup20140215 2014-02-17 20:03:30 +01:00
cketti
70399829c2 Fix indentation and code style 2014-02-17 19:58:22 +01:00