From df92814dcb5648910868f9d6398d0db8ec81264b Mon Sep 17 00:00:00 2001 From: M66B Date: Tue, 15 Nov 2022 18:15:53 +0100 Subject: [PATCH] Added max. TLS to provider profiles --- .../main/java/eu/faircode/email/EmailProvider.java | 2 ++ .../main/java/eu/faircode/email/EmailService.java | 14 +++++++++++++- app/src/main/res/xml/providers.xml | 10 +++++++++- 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/app/src/main/java/eu/faircode/email/EmailProvider.java b/app/src/main/java/eu/faircode/email/EmailProvider.java index c8eceb25ae..00f5cc0fb8 100644 --- a/app/src/main/java/eu/faircode/email/EmailProvider.java +++ b/app/src/main/java/eu/faircode/email/EmailProvider.java @@ -88,6 +88,7 @@ public class EmailProvider implements Parcelable { public boolean partial; public boolean useip; public boolean appPassword; + public String maxtls; public String link; public Server imap = new Server(); public Server smtp = new Server(); @@ -241,6 +242,7 @@ public class EmailProvider implements Parcelable { provider.partial = getAttributeBooleanValue(xml, "partial", true); provider.useip = getAttributeBooleanValue(xml, "useip", true); provider.appPassword = getAttributeBooleanValue(xml, "appPassword", false); + provider.maxtls = xml.getAttributeValue(null, "maxtls"); provider.link = xml.getAttributeValue(null, "link"); String documentation = xml.getAttributeValue(null, "documentation"); diff --git a/app/src/main/java/eu/faircode/email/EmailService.java b/app/src/main/java/eu/faircode/email/EmailService.java index a63f49b222..3251fb36a8 100644 --- a/app/src/main/java/eu/faircode/email/EmailService.java +++ b/app/src/main/java/eu/faircode/email/EmailService.java @@ -47,6 +47,7 @@ import com.sun.mail.util.SocketConnectException; import com.sun.mail.util.TraceOutputStream; import java.io.ByteArrayOutputStream; +import java.io.FileNotFoundException; import java.io.IOException; import java.io.OutputStream; import java.io.PrintStream; @@ -430,7 +431,18 @@ public class EmailService implements AutoCloseable { } } - factory = new SSLSocketFactoryService(host, insecure, ssl_harden, ssl_harden_strict, cert_strict, key, chain, fingerprint); + boolean strict = ssl_harden_strict; + if (provider != null) + try { + EmailProvider p = EmailProvider.getProvider(context, provider); + if ("1.2".equals(p.maxtls)) { + strict = false; + Log.i(p.name + " maxtls=" + p.maxtls); + } + } catch (FileNotFoundException ignored) { + } + + factory = new SSLSocketFactoryService(host, insecure, ssl_harden, strict, cert_strict, key, chain, fingerprint); properties.put("mail." + protocol + ".ssl.socketFactory", factory); properties.put("mail." + protocol + ".socketFactory.fallback", "false"); properties.put("mail." + protocol + ".ssl.checkserveridentity", "false"); diff --git a/app/src/main/res/xml/providers.xml b/app/src/main/res/xml/providers.xml index a4ff6dcd08..14d6932a5c 100644 --- a/app/src/main/res/xml/providers.xml +++ b/app/src/main/res/xml/providers.xml @@ -44,6 +44,7 @@ name="Outlook" domain="outlook\\..*" link="https://github.com/M66B/FairEmail/blob/master/FAQ.md#user-content-faq14" + maxtls="1.2" noop="true" order="2" partial="false" @@ -61,6 +62,7 @@ name="Live" domain="live\\..*" link="https://github.com/M66B/FairEmail/blob/master/FAQ.md#user-content-faq14" + maxtls="1.2" noop="true" order="3" partial="false" @@ -78,6 +80,7 @@ name="Hotmail" domain="hotmail\\..*" link="https://github.com/M66B/FairEmail/blob/master/FAQ.md#user-content-faq14" + maxtls="1.2" noop="true" order="4" partial="false" @@ -94,6 +97,7 @@ + link="https://help.runbox.com/email-program-settings/" + maxtls="1.2">