From cf31f95318dea1ccad459dadcc172707c84c3f25 Mon Sep 17 00:00:00 2001
From: M66B <M66B@users.noreply.github.com>
Date: Sat, 9 Dec 2023 14:53:58 +0100
Subject: [PATCH] Disabled insecure option for standard trust manager

---
 app/src/dummy/java/eu/faircode/email/SSLHelper.java       | 4 ++++
 app/src/extra/java/eu/faircode/email/SSLHelper.java       | 4 ++++
 app/src/main/java/eu/faircode/email/FragmentAccount.java  | 5 +++++
 app/src/main/java/eu/faircode/email/FragmentIdentity.java | 6 +++++-
 app/src/main/java/eu/faircode/email/FragmentPop.java      | 5 +++++
 5 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/app/src/dummy/java/eu/faircode/email/SSLHelper.java b/app/src/dummy/java/eu/faircode/email/SSLHelper.java
index a8244b3474..25e8e568ba 100644
--- a/app/src/dummy/java/eu/faircode/email/SSLHelper.java
+++ b/app/src/dummy/java/eu/faircode/email/SSLHelper.java
@@ -24,6 +24,10 @@ public class SSLHelper {
         return rtm;
     }
 
+    static boolean customTrustManager() {
+        return false;
+    }
+
     interface ITrust {
         void checkServerTrusted(X509Certificate[] chain);
     }
diff --git a/app/src/extra/java/eu/faircode/email/SSLHelper.java b/app/src/extra/java/eu/faircode/email/SSLHelper.java
index 74b2a23be3..c3fb5f7a01 100644
--- a/app/src/extra/java/eu/faircode/email/SSLHelper.java
+++ b/app/src/extra/java/eu/faircode/email/SSLHelper.java
@@ -128,6 +128,10 @@ public class SSLHelper {
         };
     }
 
+    static boolean customTrustManager() {
+        return true;
+    }
+
     private static boolean matches(X509Certificate certificate, @NonNull String trustedFingerprint) {
         // Get certificate fingerprint
         try {
diff --git a/app/src/main/java/eu/faircode/email/FragmentAccount.java b/app/src/main/java/eu/faircode/email/FragmentAccount.java
index 233111e4fa..103585e640 100644
--- a/app/src/main/java/eu/faircode/email/FragmentAccount.java
+++ b/app/src/main/java/eu/faircode/email/FragmentAccount.java
@@ -628,6 +628,11 @@ public class FragmentAccount extends FragmentBase {
         btnAutoConfig.setEnabled(false);
         pbAutoConfig.setVisibility(View.GONE);
 
+        if (!SSLHelper.customTrustManager()) {
+            Helper.hide(cbInsecure);
+            Helper.hide(tvInsecureRemark);
+        }
+
         if (id < 0)
             tilPassword.setEndIconMode(END_ICON_PASSWORD_TOGGLE);
         else
diff --git a/app/src/main/java/eu/faircode/email/FragmentIdentity.java b/app/src/main/java/eu/faircode/email/FragmentIdentity.java
index 948fa0028f..2054c993ab 100644
--- a/app/src/main/java/eu/faircode/email/FragmentIdentity.java
+++ b/app/src/main/java/eu/faircode/email/FragmentIdentity.java
@@ -566,7 +566,11 @@ public class FragmentIdentity extends FragmentBase {
         Helper.setViewsEnabled(view, false);
         btnAutoConfig.setEnabled(false);
         pbAutoConfig.setVisibility(View.GONE);
-        cbInsecure.setVisibility(View.GONE);
+
+        if (!SSLHelper.customTrustManager()) {
+            Helper.hide(cbInsecure);
+            Helper.hide(tvInsecureRemark);
+        }
 
         btnAdvanced.setVisibility(View.GONE);
 
diff --git a/app/src/main/java/eu/faircode/email/FragmentPop.java b/app/src/main/java/eu/faircode/email/FragmentPop.java
index d7d275afcb..66ef23e550 100644
--- a/app/src/main/java/eu/faircode/email/FragmentPop.java
+++ b/app/src/main/java/eu/faircode/email/FragmentPop.java
@@ -353,6 +353,11 @@ public class FragmentPop extends FragmentBase {
         // Initialize
         Helper.setViewsEnabled(view, false);
 
+        if (!SSLHelper.customTrustManager()) {
+            Helper.hide(cbInsecure);
+            Helper.hide(tvInsecureRemark);
+        }
+
         if (id < 0)
             tilPassword.setEndIconMode(END_ICON_PASSWORD_TOGGLE);
         else