mirror/FairEmail
1
0
Fork 0
mirror of https://github.com/M66B/FairEmail.git synced 2024-12-30 19:56:10 +00:00
Code Issues Releases Wiki Activity

Refactoring

Browse source
This commit is contained in:
M66B 2022-01-30 14:56:29 +01:00
parent b20c9d2a47
commit 539ad86ff8
1 changed files with 7 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
app/src/main/java/eu/faircode/email/EmailService.java
View file

@ -106,7 +106,7 @@ public class EmailService implements AutoCloseable {
private String protocol;
private boolean insecure;
private int purpose;
private boolean harden;
private boolean ssl_harden;
private boolean cert_strict;
private boolean useip;
private String ehlo;
@ -185,7 +185,7 @@ public class EmailService implements AutoCloseable {
prefs.edit().putBoolean("protocol", false).apply();
this.log = prefs.getBoolean("protocol", false);
this.level = prefs.getInt("log_level", Log.getDefaultLogLevel());
this.harden = prefs.getBoolean("ssl_harden", false);
this.ssl_harden = prefs.getBoolean("ssl_harden", false);
this.cert_strict = prefs.getBoolean("cert_strict", !BuildConfig.PLAY_STORE_RELEASE);
boolean auth_plain = prefs.getBoolean("auth_plain", true);
@ -407,7 +407,7 @@ public class EmailService implements AutoCloseable {
}
}
factory = new SSLSocketFactoryService(host, insecure, harden, cert_strict, key, chain, fingerprint);
factory = new SSLSocketFactoryService(host, insecure, ssl_harden, cert_strict, key, chain, fingerprint);
properties.put("mail." + protocol + ".ssl.socketFactory", factory);
properties.put("mail." + protocol + ".socketFactory.fallback", "false");
properties.put("mail." + protocol + ".ssl.checkserveridentity", "false");
@ -945,16 +945,16 @@ public class EmailService implements AutoCloseable {
// openssl s_client -connect host:port < /dev/null 2>/dev/null | openssl x509 -fingerprint -noout -in /dev/stdin
private String server;
private boolean secure;
private boolean harden;
private boolean ssl_harden;
private boolean cert_strict;
private String trustedFingerprint;
private SSLSocketFactory factory;
private X509Certificate certificate;
SSLSocketFactoryService(String host, boolean insecure, boolean harden, boolean cert_strict, PrivateKey key, X509Certificate[] chain, String fingerprint) throws GeneralSecurityException {
SSLSocketFactoryService(String host, boolean insecure, boolean ssl_harden, boolean cert_strict, PrivateKey key, X509Certificate[] chain, String fingerprint) throws GeneralSecurityException {
this.server = host;
this.secure = !insecure;
this.harden = harden;
this.ssl_harden = ssl_harden;
this.cert_strict = cert_strict;
this.trustedFingerprint = fingerprint;
@ -1011,7 +1011,6 @@ public class EmailService implements AutoCloseable {
}
}
// Check host name
List<String> names = EntityCertificate.getDnsNames(certificate);
if (EntityCertificate.matches(server, names))
@ -1122,7 +1121,7 @@ public class EmailService implements AutoCloseable {
if (!cipher.endsWith("_SCSV"))
ciphers.add(cipher);
sslSocket.setEnabledCipherSuites(ciphers.toArray(new String[0]));
} else if (harden) {
} else if (ssl_harden) {
List<String> protocols = new ArrayList<>();
for (String protocol : sslSocket.getEnabledProtocols())
if (SSL_PROTOCOL_BLACKLIST.contains(protocol))