Added option to disable updating SSL provider

This commit is contained in:
M66B 2023-12-11 12:58:56 +01:00
parent de1c931dc3
commit 1ea136020e
4 changed files with 48 additions and 4 deletions

View File

@ -95,6 +95,7 @@ public class FragmentOptionsConnection extends FragmentBase implements SharedPre
private SwitchCompat swStandaloneVpn;
private SwitchCompat swTcpKeepAlive;
private TextView tvTcpKeepAliveHint;
private SwitchCompat swSslUpdate;
private SwitchCompat swSslHarden;
private SwitchCompat swSslHardenStrict;
private SwitchCompat swCertStrict;
@ -121,7 +122,7 @@ public class FragmentOptionsConnection extends FragmentBase implements SharedPre
"download_headers", "download_eml", "download_plain",
"require_validated", "require_validated_captive", "vpn_only",
"timeout", "prefer_ip4", "bind_socket", "standalone_vpn", "tcp_keep_alive",
"ssl_harden", "ssl_harden_strict", "cert_strict", "open_safe", "http_redirect",
"ssl_update", "ssl_harden", "ssl_harden_strict", "cert_strict", "open_safe", "http_redirect",
"bouncy_castle", "bc_fips"
};
@ -152,6 +153,7 @@ public class FragmentOptionsConnection extends FragmentBase implements SharedPre
swStandaloneVpn = view.findViewById(R.id.swStandaloneVpn);
swTcpKeepAlive = view.findViewById(R.id.swTcpKeepAlive);
tvTcpKeepAliveHint = view.findViewById(R.id.tvTcpKeepAliveHint);
swSslUpdate = view.findViewById(R.id.swSslUpdate);
swSslHarden = view.findViewById(R.id.swSslHarden);
swSslHardenStrict = view.findViewById(R.id.swSslHardenStrict);
swCertStrict = view.findViewById(R.id.swCertStrict);
@ -332,6 +334,14 @@ public class FragmentOptionsConnection extends FragmentBase implements SharedPre
}
});
swSslUpdate.setOnCheckedChangeListener(new CompoundButton.OnCheckedChangeListener() {
@Override
public void onCheckedChanged(CompoundButton v, boolean checked) {
prefs.edit().putBoolean("ssl_update", checked).commit();
ApplicationEx.restart(v.getContext(), "ssl_update");
}
});
swSslHarden.setOnCheckedChangeListener(new CompoundButton.OnCheckedChangeListener() {
@Override
public void onCheckedChanged(CompoundButton compoundButton, boolean checked) {
@ -665,6 +675,7 @@ public class FragmentOptionsConnection extends FragmentBase implements SharedPre
swBindSocket.setChecked(prefs.getBoolean("bind_socket", false));
swStandaloneVpn.setChecked(prefs.getBoolean("standalone_vpn", false));
swTcpKeepAlive.setChecked(prefs.getBoolean("tcp_keep_alive", false));
swSslUpdate.setChecked(prefs.getBoolean("ssl_update", true));
swSslHarden.setChecked(prefs.getBoolean("ssl_harden", false));
swSslHardenStrict.setChecked(prefs.getBoolean("ssl_harden_strict", false));
swSslHardenStrict.setEnabled(swSslHarden.isChecked());

View File

@ -436,6 +436,30 @@
app:layout_constraintStart_toStartOf="parent"
app:layout_constraintTop_toBottomOf="@id/swTcpKeepAlive" />
<androidx.appcompat.widget.SwitchCompat
android:id="@+id/swSslUpdate"
android:layout_width="0dp"
android:layout_height="wrap_content"
android:layout_marginTop="12dp"
android:checked="true"
android:text="@string/title_advanced_ssl_update"
app:layout_constraintEnd_toEndOf="parent"
app:layout_constraintStart_toStartOf="parent"
app:layout_constraintTop_toBottomOf="@id/tvTcpKeepAliveHint"
app:switchPadding="12dp" />
<TextView
android:id="@+id/tvSslUpdateHint"
android:layout_width="0dp"
android:layout_height="wrap_content"
android:layout_marginEnd="48dp"
android:text="@string/title_advanced_english_hint"
android:textAppearance="@style/TextAppearance.AppCompat.Small"
android:textStyle="italic"
app:layout_constraintEnd_toEndOf="parent"
app:layout_constraintStart_toStartOf="parent"
app:layout_constraintTop_toBottomOf="@id/swSslUpdate" />
<androidx.appcompat.widget.SwitchCompat
android:id="@+id/swSslHarden"
android:layout_width="0dp"
@ -444,7 +468,7 @@
android:text="@string/title_advanced_ssl_harden"
app:layout_constraintEnd_toEndOf="parent"
app:layout_constraintStart_toStartOf="parent"
app:layout_constraintTop_toBottomOf="@id/tvTcpKeepAliveHint"
app:layout_constraintTop_toBottomOf="@id/tvSslUpdateHint"
app:switchPadding="12dp" />
<TextView

View File

@ -515,6 +515,7 @@
<string name="title_advanced_bind_socket" translatable="false">Bind sockets to the active network</string>
<string name="title_advanced_standalone_vpn" translatable="false">Standalone VPN</string>
<string name="title_advanced_tcp_keep_alive" translatable="false">TCP keep alive</string>
<string name="title_advanced_ssl_update">Use update SSL provider</string>
<string name="title_advanced_ssl_harden">Harden SSL connections</string>
<string name="title_advanced_ssl_harden_strict">Require TLS 1.3</string>
<string name="title_advanced_cert_strict">Strict certificate checking</string>

View File

@ -20,6 +20,9 @@ package eu.faircode.email;
*/
import android.content.Intent;
import android.content.SharedPreferences;
import androidx.preference.PreferenceManager;
import com.google.android.gms.security.ProviderInstaller;
@ -32,8 +35,13 @@ public class ApplicationSecure extends ApplicationEx implements ProviderInstalle
@Override
public void onCreate() {
super.onCreate();
Log.i("Security provider check");
ProviderInstaller.installIfNeededAsync(this, this);
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
boolean ssl_update = prefs.getBoolean("ssl_update", true);
if (ssl_update) {
Log.i("Security provider check");
ProviderInstaller.installIfNeededAsync(this, this);
} else
lock.countDown();
}
@Override