1
0
mirror of https://github.com/moparisthebest/k-9 synced 2024-11-13 13:05:03 -05:00
Commit Graph

1425 Commits

Author SHA1 Message Date
cketti
ff5edf43d4 Merge branch 'pr/453'
Authentication changes

 message to explain why this merge is necessary,
2014-03-05 06:19:55 +01:00
Joe Steele
d67c054d4d Restart pushers after editing server settings
If an error occurs while connecting for push (for example, if the server's
certificate fails authentication), several more attempts will be made to
connect, then finally all attempts will cease.

This commit makes it so that pushers are restarted if the user goes in and
edits the server settings (presumably because the user was notified of a
problem and is attempting to fix it).  Without this, the user could fix
the problem and would still not receive email via push.
2014-03-03 17:29:54 -05:00
Joe Steele
9dc5338501 Eliminate WebDAV STARTTLS security choice
STARTTLS doesn't really apply to WebDAV and should never have been made
available as an option.

Pre-existing settings will be re-mapped to SSL/TLS.
2014-03-03 17:29:51 -05:00
Joe Steele
daea7f1ecd Eliminate the 'if available' connection security options
These options originated in the AOSP email client from which K-9 Mail was
forked.  They provide an odd combination of 2 features:

1. Don't bother to authenticate the server's certificate (applies to both
SSL/TLS and STARTTLS); i.e., blindly accept all certificates.  This is
generally a bad security policy which is susceptible to MITM attacks.

2. If STARTTLS is selected but the server doesn't claim to support
STARTTLS, then proceed without using encryption.  This, too, is a bad
security policy which is susceptible to MITM attacks.

Since the time that K-9 Mail was forked, a couple things have changed:

> K-9 Mail has implemented the ability for users to review and permanently
accept individual certificates that would otherwise fail authentication.
With this ability, there is no need for a user to subject themselves to
the ongoing risks of feature 1. above.  Hence, this commit removes feature
1.

> The AOSP email client has changed its behavior and no longer permits a
security downgrade to an unencrypted connection if the server doesn't
claim to support STARTTLS (i.e., they eliminated feature 2. above). K-9
Mail should do the same.  It's unlikely that a server is going to provide
STARTTLS on an intermittent basis, so providing a contingency for such
unusual behavior is an unnecessary risk.  Hence, this commit removes that
feature as well.

Effect on existing users:

If the old connection security setting was "SSL/TLS (if available)" (which
now gets remapped to "SSL/TLS"), and the server does not provide a
certificate that can be authenticated, then a "Certificate error for
<account name>" notification is generated telling the user to check their
server settings.  Tapping the notification takes the user to the relevant
server settings, where the user can tap "Next" to review the certificate
and choose to permanently accept it.  This process would occur during the
first syncing of folders after application upgrade or (in the case of
SMTP) during the first attempt to send a message.

If the connection security setting was "STARTTLS (if available)" (which
now gets remapped to "STARTTLS"), and the server does not provide a
certificate that can be authenticated, then the same process as above
would occur.

If the old connection security setting was "STARTTLS (if available)", and
the server doesn't claim to support STARTTLS, then the user would get a
certificate error notification which would lead them to the server's
settings.  There they would need to choose a different connection security
-- most likely "NONE".  If they didn't change anything but instead just
tapped "Next", the server settings would be checked again and a dialog
would pop up saying, "Cannot connect to server. (STARTTLS connection
security not available)". (The implementation of notifications when
STARTTLS is not available is not actually included here -- it's in the
commit that follows.)

Regarding the changes to providers.xml:  in cases where the scheme ended
with "+ssl", the schemes were simply updated by appending "+".  In cases
where the scheme ended with "+tls", a check of the server was made to
assure that STARTTLS was available before appending "+" to the scheme.
Domains paran.com and nate.com failed the check and were removed because
no current information could be found.  Domains me.com and mac.com also
failed and were updated based on http://support.apple.com/kb/ht4864.
2014-03-03 17:23:00 -05:00
Joe Steele
0f991b434e Use Locale.US where appropriate
Applicable for strings not intended for user consumption.

A %d string format code can generate eastern-arabic numerals
for users with an arabic locale.

V/k9      (20763): conn1103774136>>> 5 UID SEARCH ٦٤٦:٦٧٠ NOT DELETED
V/k9      (20763): conn1103774136<<<#5# [BAD, Invalid Search criteria]
E/k9      (20763): synchronizeMailbox
E/k9      (20763): com.fsck.k9.mail.store.ImapStore$ImapException: Command: UID SEARCH ٦٤٦:٦٧٠ NOT DELETED; response: #5# [BAD, Invalid Search criteria]
2014-03-03 10:40:23 -05:00
cketti
bf9264dbb0 Merge pull request #454 from mallamanis/master
Renaming variables for codebase consistency
2014-03-01 07:39:07 +01:00
cketti
abc765e893 Don't combine strings in code 2014-03-01 05:12:01 +01:00
Miltos Allamanis
cfeed40781 Renamed "tokens" to "tokenizer".
The naturalize tool detected that using "tokenizer" is more consistent
with the current codebase state:
* "tokenizer" in MessageCompose is 60.40% probable ("tokens" 39.60%)
2014-02-26 14:49:14 +00:00
Joe Steele
540de158a0 Change the PLAIN auth. option text based on encryption
If the user chooses a connection security option which assures the use of
encryption, then the PLAIN auth. option is labeled "Normal password",
otherwise it is labeled "Password, transmitted insecurely".

This is similar to Thunderbird's behavior.
2014-02-25 15:22:44 -05:00
Joe Steele
23f8d53178 Use Transport.decodeTransportUri and Transport.createTransportUri
rather than manually creating the URIs.

This mirrors behavior that occurs in AccountSetupIncoming.
2014-02-25 15:22:40 -05:00
Joe Steele
c7e46faf0a Simplify code with better use of enum ConnectionSecurity 2014-02-25 15:22:38 -05:00
Joe Steele
90fedf7125 Eliminate the LOGIN authentication option from SMTP
The LOGIN option is no longer offered to users as a choice.  This does
*not* eliminate the SASL LOGIN authentication mechanism.  Any pre-existing
LOGIN setting or any imported LOGIN setting will still be recognized.  In
all cases, a user setting of either "Normal password" or "LOGIN" will
result in the SASL PLAIN mechanism being tried first if available,
otherwise SASL LOGIN will be tried if available.

This mirrors similar behavior that exists for IMAP.
2014-02-25 15:22:37 -05:00
Joe Steele
dc9720ca13 Use localized strings for authentication type
AUTOMATIC = "Automatic"
PLAIN = "Normal password"
CRAM_MD5 = "Encrypted password"

SMTP also uses LOGIN.  No localized text was associated with that because
a future commit will remove that option.

(The text is similar to that of Thunderbird's)
2014-02-25 15:22:35 -05:00
cketti
8eb68c416a Avoid adding the same recipient twice when using "reply to all"
Fixes issue 6056
2014-02-23 00:30:53 +01:00
András Veres-Szentkirályi
ab3044c9fa use Set instead of implementation type 2014-02-15 23:59:24 +01:00
András Veres-Szentkirályi
cbbd0bc405 use more idiomatic String.isEmpty() instead of comparing length to 0 2014-02-15 23:59:24 +01:00
András Veres-Szentkirályi
21fe3f6cd2 use built-in TextUtils.join instead of StringBuilder 2014-02-15 23:59:23 +01:00
cketti
53eac39a90 Extract code to scale the slider value for the message content font setting 2014-02-13 06:04:19 +01:00
cketti
90f63ba057 Remove old setting for message content font size
- export new setting
- add upgrade code to convert old setting to new format
2014-02-13 04:22:45 +01:00
cketti
d419fab789 Add support for KitKat's Storage Access Framework
This allows users on KitKat to add multiple attachments at once.
2014-02-10 20:58:50 +01:00
Koji Arai
cbddf960b1 Should disable COMPOSE menu item
When message viewing and tap the next icon, menu icons (previous, next, delete and replys) disappears for an instant.
But a compose icon remains, then tap it accidentally.
2014-02-10 19:59:26 +01:00
cketti
cf228583bc Merge pull request #448
Change message body font size with slider
2014-02-01 00:52:32 +01:00
cketti
6e7fa0df03 Save/restore slider state 2014-02-01 00:49:39 +01:00
cketti
f224483df4 Fix display error in account settings
* correctly initialize summary of 'Server search limit'.
* don't persist value in shared preferences
2014-01-31 22:10:28 +01:00
Sergii Pylypenko
67abde055a Change message body font size with slider, using new setTextZoom() WebView API, from 40% to 250% 2014-01-31 23:09:25 +02:00
cketti
b299713807 Support extras for ACTION_VIEW + mailto: URI
Support the extras documented for ACTION_SEND to be used with
ACTION_VIEW to support another app that doesn't care, namely Twitter.
2014-01-30 02:49:04 +01:00
cketti
1a16dbf295 Restore instance state in correct order
Fixes issue 5968
2014-01-23 01:35:21 +01:00
cketti
4955e34886 Merge pull request #437 from zjw/misc_clean_up 2014-01-05 04:30:28 +01:00
cketti
06ec852090 Rename plurals to make Transifex happy 2014-01-04 01:44:31 +01:00
Joe Steele
0de72c31b4 Use a locale-specific date in the header of a quoted message
Also, include the sent-date in the header when using
the "prefix" quote style.  "Be like mutt" (and gmail,
and thunderbird)

Also, the quoteOriginalHtmlMessage method was using the mSourceMessage
field in various places when it should be using its originalMessage
parameter.

Related issues:  2249, 3456
2013-12-29 18:46:51 -05:00
Joe Steele
cedcd7e47c Eliminate the need to pass a context to LocalKeyStore.getInstance
Instead, have K9.onCreate initialize the location of the key
store file (similar to what is done with
BinaryTempFileBody.setTempDirectory).

Also, LocalKeyStore.getInstance has been changed so that it
no longer needs to be synchronized.
2013-12-03 19:24:37 -05:00
cketti
765b390eb5 Remove LocalKeyStore's dependency on K9.app 2013-12-03 13:28:48 +01:00
cketti
2a9ac867b9 Remove LocalKeyStore's dependency on Account to reduce coupling 2013-12-03 12:56:31 +01:00
Joe Steele
8eef43c282 Implement pruning of old certificates from LocalKeyStore
Certificates are deleted whenever server settings are changed
or an account is deleted.
2013-12-02 14:49:47 -05:00
Joe Steele
40404c3700 Move some classes out of com.fsck.k9.mail.store
The classes are just as much related to com.fsck.k9.mail.transport
as com.fsck.k9.mail.store, so having them in
com.fsck.k9.mail.store doesn't seem appropriate.

Move LocalKeyStore to com.fsck.k9.security

Move TrustManagerFactory and TrustedSocketFactory to com.fsck.k9.net.ssl
2013-12-02 14:07:57 -05:00
Joe Steele
76605f7d86 Extract code into new LocalKeyStore class
Also, implement the ability to configure an alternate key store
file location. This permits the running of unit tests without
clobbering the live key store file.

Also, add a test to confirm that the key store file is being written
out and reread correctly.
2013-12-02 14:04:40 -05:00
cketti
48d11fd386 Properly save and restore instance state in AccountSetupBasics 2013-11-29 05:33:48 +01:00
Joe Steele
a4440b4042 Fix inadequate certificate validation
Proper host name validation was not being performed for certificates
kept in the local keystore.  If an attacker could convince a user to
accept and store an attacker's certificate, then that certificate
could be used for MITM attacks, giving the attacker access to all
connections to all servers in all accounts in K-9.

This commit changes how the certificates are stored.  Previously, an
entire certificate chain was stored for a server (and any of those
certificates in the chain were available for validating signatures on
certificates received when connecting).  Now just the single
certificate for the server is stored.

This commit changes how locally stored certificates are retrieved.
They can only be retrieved using the host:port that the user
configured for the server.

This also fixes issue 1326.  Users can now use different certificates
for different servers on the same host (listening to different ports).

The above changes mean that users might have to re-accept certificates
that they had previously accepted and are still using (but only if the
certificate's Subject doesn't match the host that they are connecting
to).

This commit modifies AccountSetupBasics so that it now calls
AccountSetupCheckSettings twice -- once for checking the incoming
settings and once for the outgoing settings.  Otherwise, an exception
could occur while checking incoming settings, the user could say
continue (or the user could accept a certificate key), and the
outgoing settings would not be checked.  This also helps with
determining if a certificate exception was for the incoming or
outgoing server, which is needed if the user decides to add the
certificate to the keystore.
2013-11-23 13:26:57 -05:00
Danny Baumann
b500047e42 Fix contact picture color generation.
Make sure to return different colors for senders with different name,
but the same mail address (e.g. mails sent by certain issue tracking
systems).
2013-11-11 13:31:58 +01:00
cketti
b398c4d7f4 Fix file selection for import
Using FLAG_ACTIVITY_NO_HISTORY will cause the file selection
to fail when KitKat's "Open from" activity opens a third-party activity.
2013-11-07 07:33:33 +01:00
Jesse Vincent
e20e513039 Sadly, KitKat's file manager fails to recognize our mimetype and won't let users import settings 2013-11-05 20:19:27 -05:00
Joe Steele
0323af09e5 Don't add blank lines to composed messages if there is no quoted text 2013-10-11 11:39:50 -04:00
Joe Steele
ef01cabccc Remove \n from R.string.message_compose_reply_header_fmt
This string resource is used in two places -- both with and without the
linefeed at the end.  Instead of having a linefeed in the string and
having the code remove it if not needed, the linefeed is now omitted from
the string and the code adds it if needed.

Also, the line ending is changed from \n to \r\n.

Also, the string in the DE and FR locales had linefeeds at the start that
were removed so they match all the other locales.

(The string in the zh-rTW locale was left alone, since it had no
linefeeds.  It looks like that file has numerous instances where \n was
replaced with actual newlines, which is probably not correct.)
2013-10-11 11:39:48 -04:00
Joe Steele
5a46575dc2 Generally replace \n with \r\n when part of a message
This builds upon the efforts started 2 commits back where \r\n is used for
all message text and \n is only used when the text is inside an
EolConvertingEditText widget.
2013-10-11 11:39:46 -04:00
Joe Steele
114be7a15d More robust checking to prevent fatal IndexOutOfBoundsException
Even with the fix in the parent commit,  the X-K9mail-Identity header can
become invalid if, for example, a user creates a draft in K-9 Mail, then
edits the draft outside of K-9 Mail, then opens the draft again in K-9
Mail.

This commit assures that an invalid X-K9mail-Identity header will not
result in an IndexOutOfBoundsException.
2013-10-11 11:39:45 -04:00
Joe Steele
bfb0316583 Fix fatal IndexOutOfBoundsException
The problem:

Configure the account (just an example -- problems can occur in other
configurations as well):
Message Format: HTML
Reply quoting style: Prefix
Quote message when replying: yes
Reply after quoted text: yes

Reply to a message that has a large quantity (20+) of \r\n scattered in
the body of its HTML version (not an unusual scenario).

Add a reply.  Save the message as a draft.  Go back & open the draft
again.  A fatal IndexOutOfBoundsException occurs.

The cause:

When the draft was saved, the X-K9mail-Identity header was computed and
added to the message, then the text of the message was processed with
MimeUtility.fixDraftTextBody, replacing all occurrences of \r\n with \n in
the quoted message before being saved in LocalStore, thus invalidating the
X-K9mail-Identity header.

The fix:

Remove MimeUtility.fixDraftTextBody and implement
MessageCompose$EolConvertingEditText instead.  Any message text placed in
an EolConvertingEditText widget is assured to have \n line endings.  Any
message text extracted from an EolConvertingEditText widget is assured to
have \r\n line endings.  The X-K9mail-Identity header will always be
computed correctly.

Issues thought to be related:  4782, 5010, 5634, 5725

As noted in some of the referenced issues, errors didn't always result in
a fatal exception, but instead with mixed up text.

Ref:  commit f9a35aeaee
2013-10-11 11:39:15 -04:00
Joe Steele
005241d97b Issue 4594: draft not saved with shared info
When another app shared info with K-9 Mail, the draft was not
always being saved when the "Save as draft" menu option was selected.
2013-10-11 11:24:58 -04:00
cketti
1aca9eb22c ContactPictureLoader code cleanup 2013-10-03 21:21:54 +02:00
cketti
bea6ba6881 Fix JavaDoc to match the changes in ContactPictureLoader 2013-10-01 01:53:21 +02:00
Koji Arai
e4313067b6 Don't performSend() on onSave(). 2013-10-01 07:53:08 +09:00