mirror
/
FairEmail
mirror of https://github.com/M66B/FairEmail.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Refactoring

This commit is contained in:
M66B 2024-01-05 13:42:49 +01:00
parent 4b41975935
commit 8e5a376cff
2 changed files with 33 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
app/src/main/java/eu/faircode/email/DnsHelper.java
View File

@ -31,6 +31,7 @@ import androidx.annotation.NonNull;
import org.minidns.AbstractDnsClient;
import org.minidns.DnsClient;
import org.minidns.dane.DaneVerifier;
import org.minidns.dnsmessage.DnsMessage;
import org.minidns.dnsqueryresult.DnsQueryResult;
import org.minidns.dnsqueryresult.StandardDnsQueryResult;
@ -55,6 +56,8 @@ import org.minidns.util.MultipleIoException;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
@ -63,6 +66,9 @@ import java.util.Locale;
import java.util.concurrent.Executor;
import java.util.concurrent.Semaphore;
import java.util.concurrent.TimeUnit;
import java.util.logging.Handler;
import java.util.logging.LogRecord;
import java.util.logging.Logger;
import javax.mail.Address;
import javax.mail.internet.InternetAddress;
@ -345,6 +351,31 @@ public class DnsHelper {
return result;
}
static void verifyDane(X509Certificate[] chain, String server, int port) throws CertificateException {
Handler handler = new Handler() {
@Override
public void publish(LogRecord record) {
Log.w("DANE " + record.getMessage());
}
@Override
public void flush() {
}
@Override
public void close() throws SecurityException {
}
};
String clazz = DaneVerifier.class.getName();
Logger.getLogger(clazz).addHandler(handler);
Log.w("DANE verify " + server + ":" + port);
boolean verified = new DaneVerifier().verifyCertificateChain(chain, server, port);
Log.w("DANE verified=" + verified + " " + server + ":" + port);
Logger.getLogger(clazz).removeHandler(handler);
if (!verified)
throw new CertificateException("DANE missing or invalid");
}
static void test(Context context) throws UnknownHostException {
test(context, "gmail.com", "ns");
test(context, "gmail.com", "mx");

31
app/src/main/java/eu/faircode/email/SSLHelper.java
View File

@ -29,8 +29,6 @@ import com.appmattus.certificatetransparency.CTTrustManagerBuilder;
import com.appmattus.certificatetransparency.VerificationResult;
import com.appmattus.certificatetransparency.cache.AndroidDiskCache;
import org.minidns.dane.DaneVerifier;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.KeyStore;
@ -41,9 +39,6 @@ import java.security.cert.CertificateExpiredException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.logging.Handler;
import java.util.logging.LogRecord;
import java.util.logging.Logger;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
@ -130,30 +125,8 @@ public class SSLHelper {
throw new CertificateException(principal.getName(), ex);
}
if (dane) {
Handler handler = new Handler() {
@Override
public void publish(LogRecord record) {
Log.w("DANE " + record.getMessage());
}
@Override
public void flush() {
}
@Override
public void close() throws SecurityException {
}
};
String clazz = DaneVerifier.class.getName();
Logger.getLogger(clazz).addHandler(handler);
Log.w("DANE verify " + server + ":" + port);
boolean verified = new DaneVerifier().verifyCertificateChain(chain, server, port);
Log.w("DANE verified=" + verified + " " + server + ":" + port);
Logger.getLogger(clazz).removeHandler(handler);
if (!verified)
throw new CertificateException("DANE missing or invalid");
}
if (dane)
DnsHelper.verifyDane(chain, server, port);
// Check host name
if (check_names) {