mirror of https://github.com/M66B/FairEmail.git
BIMI parent domain fixes
This commit is contained in:
parent
dfe0dea265
commit
5536afb45d
|
@ -208,9 +208,16 @@ public class Bimi {
|
|||
throw new IllegalArgumentException("Invalid certificate type");
|
||||
|
||||
// Check subject
|
||||
boolean found = false;
|
||||
List<String> names = EntityCertificate.getDnsNames(cert);
|
||||
if (!names.contains(domain))
|
||||
throw new IllegalArgumentException("Invalid certificate domain" +
|
||||
for (String name : names)
|
||||
if (domain.endsWith(name.toLowerCase(Locale.ROOT))) {
|
||||
found = true;
|
||||
break;
|
||||
}
|
||||
if (!found)
|
||||
throw new IllegalArgumentException("Invalid certificate" +
|
||||
" domain=" + domain +
|
||||
" names=" + TextUtils.join(", ", names));
|
||||
|
||||
// https://datatracker.ietf.org/doc/html/rfc3709#page-6
|
||||
|
@ -306,6 +313,13 @@ public class Bimi {
|
|||
String txt = "_dmarc." + domain;
|
||||
Log.i("BIMI fetch TXT " + txt);
|
||||
DnsHelper.DnsRecord[] records = DnsHelper.lookup(context, txt, "txt");
|
||||
if (records.length == 0) {
|
||||
String parent = UriHelper.getParentDomain(context, domain);
|
||||
if (!domain.equals(parent)) {
|
||||
txt = "_dmarc." + parent;
|
||||
records = DnsHelper.lookup(context, txt, "txt");
|
||||
}
|
||||
}
|
||||
if (records.length == 0)
|
||||
throw new IllegalArgumentException("DMARC missing");
|
||||
Log.i("BIMI got TXT " + records[0].name);
|
||||
|
|
Loading…
Reference in New Issue