mirror of https://github.com/M66B/FairEmail.git
Refactoring
This commit is contained in:
parent
4b41975935
commit
8e5a376cff
|
@ -31,6 +31,7 @@ import androidx.annotation.NonNull;
|
|||
|
||||
import org.minidns.AbstractDnsClient;
|
||||
import org.minidns.DnsClient;
|
||||
import org.minidns.dane.DaneVerifier;
|
||||
import org.minidns.dnsmessage.DnsMessage;
|
||||
import org.minidns.dnsqueryresult.DnsQueryResult;
|
||||
import org.minidns.dnsqueryresult.StandardDnsQueryResult;
|
||||
|
@ -55,6 +56,8 @@ import org.minidns.util.MultipleIoException;
|
|||
import java.io.IOException;
|
||||
import java.net.InetAddress;
|
||||
import java.net.UnknownHostException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
|
@ -63,6 +66,9 @@ import java.util.Locale;
|
|||
import java.util.concurrent.Executor;
|
||||
import java.util.concurrent.Semaphore;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.logging.Handler;
|
||||
import java.util.logging.LogRecord;
|
||||
import java.util.logging.Logger;
|
||||
|
||||
import javax.mail.Address;
|
||||
import javax.mail.internet.InternetAddress;
|
||||
|
@ -345,6 +351,31 @@ public class DnsHelper {
|
|||
return result;
|
||||
}
|
||||
|
||||
static void verifyDane(X509Certificate[] chain, String server, int port) throws CertificateException {
|
||||
Handler handler = new Handler() {
|
||||
@Override
|
||||
public void publish(LogRecord record) {
|
||||
Log.w("DANE " + record.getMessage());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void flush() {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() throws SecurityException {
|
||||
}
|
||||
};
|
||||
String clazz = DaneVerifier.class.getName();
|
||||
Logger.getLogger(clazz).addHandler(handler);
|
||||
Log.w("DANE verify " + server + ":" + port);
|
||||
boolean verified = new DaneVerifier().verifyCertificateChain(chain, server, port);
|
||||
Log.w("DANE verified=" + verified + " " + server + ":" + port);
|
||||
Logger.getLogger(clazz).removeHandler(handler);
|
||||
if (!verified)
|
||||
throw new CertificateException("DANE missing or invalid");
|
||||
}
|
||||
|
||||
static void test(Context context) throws UnknownHostException {
|
||||
test(context, "gmail.com", "ns");
|
||||
test(context, "gmail.com", "mx");
|
||||
|
|
|
@ -29,8 +29,6 @@ import com.appmattus.certificatetransparency.CTTrustManagerBuilder;
|
|||
import com.appmattus.certificatetransparency.VerificationResult;
|
||||
import com.appmattus.certificatetransparency.cache.AndroidDiskCache;
|
||||
|
||||
import org.minidns.dane.DaneVerifier;
|
||||
|
||||
import java.net.InetAddress;
|
||||
import java.net.UnknownHostException;
|
||||
import java.security.KeyStore;
|
||||
|
@ -41,9 +39,6 @@ import java.security.cert.CertificateExpiredException;
|
|||
import java.security.cert.X509Certificate;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.logging.Handler;
|
||||
import java.util.logging.LogRecord;
|
||||
import java.util.logging.Logger;
|
||||
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.TrustManagerFactory;
|
||||
|
@ -130,30 +125,8 @@ public class SSLHelper {
|
|||
throw new CertificateException(principal.getName(), ex);
|
||||
}
|
||||
|
||||
if (dane) {
|
||||
Handler handler = new Handler() {
|
||||
@Override
|
||||
public void publish(LogRecord record) {
|
||||
Log.w("DANE " + record.getMessage());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void flush() {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() throws SecurityException {
|
||||
}
|
||||
};
|
||||
String clazz = DaneVerifier.class.getName();
|
||||
Logger.getLogger(clazz).addHandler(handler);
|
||||
Log.w("DANE verify " + server + ":" + port);
|
||||
boolean verified = new DaneVerifier().verifyCertificateChain(chain, server, port);
|
||||
Log.w("DANE verified=" + verified + " " + server + ":" + port);
|
||||
Logger.getLogger(clazz).removeHandler(handler);
|
||||
if (!verified)
|
||||
throw new CertificateException("DANE missing or invalid");
|
||||
}
|
||||
if (dane)
|
||||
DnsHelper.verifyDane(chain, server, port);
|
||||
|
||||
// Check host name
|
||||
if (check_names) {
|
||||
|
|
Loading…
Reference in New Issue