Mirrors/FairEmail
1
0
Fork 0
mirror of https://github.com/M66B/FairEmail.git synced 2026-04-02 15:17:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added support for client certificates (untested)

Browse Source
This commit is contained in:
M66B
2020-02-09 13:58:16 +01:00
parent c298eb824a
commit 58e49368e3
14 changed files with 2260 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
app/src/main/java/eu/faircode/email/EmailService.java
View File

@@ -62,6 +62,8 @@ import javax.mail.Service;
import javax.mail.Session;
import javax.mail.Store;
import javax.mail.event.StoreListener;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
@@ -232,7 +234,11 @@ public class EmailService implements AutoCloseable {
}
public void connect(EntityAccount account) throws MessagingException {
String password = connect(account.host, account.port, account.auth_type, account.provider, account.user, account.password, account.fingerprint);
String password = connect(
account.host, account.port,
account.auth_type, account.provider,
account.user, account.password,
account.certificate, account.fingerprint);
if (password != null) {
DB db = DB.getInstance(context);
int count = db.account().setAccountPassword(account.id, account.password);
@@ -241,7 +247,11 @@ public class EmailService implements AutoCloseable {
}
public void connect(EntityIdentity identity) throws MessagingException {
String password = connect(identity.host, identity.port, identity.auth_type, identity.provider, identity.user, identity.password, identity.fingerprint);
String password = connect(
identity.host, identity.port,
identity.auth_type, identity.provider,
identity.user, identity.password,
identity.certificate, identity.fingerprint);
if (password != null) {
DB db = DB.getInstance(context);
int count = db.identity().setIdentityPassword(identity.id, identity.password);
@@ -252,10 +262,10 @@ public class EmailService implements AutoCloseable {
public String connect(
String host, int port,
int auth, String provider, String user, String password,
String fingerprint) throws MessagingException {
boolean certificate, String fingerprint) throws MessagingException {
SSLSocketFactoryService factory = null;
try {
factory = new SSLSocketFactoryService(host, insecure, harden, fingerprint);
factory = new SSLSocketFactoryService(host, insecure, harden, certificate, fingerprint);
properties.put("mail." + protocol + ".ssl.socketFactory", factory);
properties.put("mail." + protocol + ".socketFactory.fallback", "false");
properties.put("mail." + protocol + ".ssl.checkserveridentity", "false");
@@ -564,7 +574,7 @@ public class EmailService implements AutoCloseable {
private SSLSocketFactory factory;
private X509Certificate certificate;
SSLSocketFactoryService(String host, boolean insecure, boolean harden, String fingerprint) throws GeneralSecurityException {
SSLSocketFactoryService(String host, boolean insecure, boolean harden, boolean use_certificate, String fingerprint) throws GeneralSecurityException {
this.server = host;
this.secure = !insecure;
this.harden = harden;
@@ -633,7 +643,19 @@ public class EmailService implements AutoCloseable {
}
};
sslContext.init(null, new TrustManager[]{tm}, null);
KeyManager[] km = null;
if (use_certificate)
try {
KeyStore ks = KeyStore.getInstance("AndroidCAStore");
ks.load(null, null);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
kmf.init(ks, null);
km = kmf.getKeyManagers();
} catch (Throwable ex) {
Log.e(ex);
}
sslContext.init(km, new TrustManager[]{tm}, null);
}
factory = sslContext.getSocketFactory();