BIMI parent domain fixes

M66B 2021-10-02 08:29:21 +02:00
parent dfe0dea265
commit 5536afb45d
1 changed files with 16 additions and 2 deletions


@ -208,9 +208,16 @@ public class Bimi {
throw new IllegalArgumentException("Invalid certificate type");
// Check subject
boolean found = false;
List<String> names = EntityCertificate.getDnsNames(cert);
if (!names.contains(domain))
throw new IllegalArgumentException("Invalid certificate domain" +
for (String name : names)
if (domain.endsWith(name.toLowerCase(Locale.ROOT))) {
found = true;
break;
}
if (!found)
throw new IllegalArgumentException("Invalid certificate" +
" domain=" + domain +
" names=" + TextUtils.join(", ", names));
// https://datatracker.ietf.org/doc/html/rfc3709#page-6
@ -306,6 +313,13 @@ public class Bimi {
String txt = "_dmarc." + domain;
Log.i("BIMI fetch TXT " + txt);
DnsHelper.DnsRecord[] records = DnsHelper.lookup(context, txt, "txt");
if (records.length == 0) {
String parent = UriHelper.getParentDomain(context, domain);
if (!domain.equals(parent)) {
txt = "_dmarc." + parent;
records = DnsHelper.lookup(context, txt, "txt");
}
}
if (records.length == 0)
throw new IllegalArgumentException("DMARC missing");
Log.i("BIMI got TXT " + records[0].name);
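Review bot: The new subject check in the first hunk, `domain.endsWith(name.toLowerCase(Locale.ROOT))`, is a plain string-suffix match with no label boundary, so a certificate name `example.com` would also satisfy a sender domain such as `notexample.com`, and an empty name would satisfy any domain. Since this check decides whether a certificate-backed logo is accepted for the sender, the name should match the domain exactly or as a parent on a dot boundary: `String n = name.toLowerCase(Locale.ROOT);` followed by `if (domain.equals(n) || domain.endsWith("." + n)) {`. Only `name` is lower-cased here; whether `domain` is already normalised is not visible in the hunk and is worth confirming. The enclosing method starts and ends outside the hunk.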