DANA: use Android resolver

M66B 2024-06-19 18:23:35 +02:00
parent df7860dd59
commit 8858e98158
1 changed files with 11 additions and 1 deletions


@ -390,7 +390,17 @@ public class DnsHelper {
try {
Logger.getLogger(clazz).addHandler(handler);
Log.w("DANE verify " + server + ":" + port);
boolean verified = new DaneVerifier().verifyCertificateChain(chain, server, port);
DnssecClient client = DnssecResolverApi.INSTANCE.getDnssecClient();
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q)
client.setDataSource(new AndroidDataSource());
client.getDataSource().setTimeout(LOOKUP_TIMEOUT * 1000);
client.setUseHardcodedDnsServers(false);
boolean verified = new DaneVerifier(client).verifyCertificateChain(chain, server, port);
Log.w("DANE verified=" + verified + " " + server + ":" + port);
if (!verified)
throw new CertificateException("DANE missing or invalid",