
Commit 1bfb78ee authored by brian m. carlson's avatar brian m. carlson

Use TrustedSocketFactory for STARTTLS.

The TrustedSocketFactory, which provides goodies like better cipher suites and
TLSv1.2, was only being used for tunnelled connections.  Use it for STARTTLS
connections as well.
parent d4246a09
+2 −2
@@ -2504,8 +2504,8 @@ public class ImapStore extends Store {
                        sslContext.init(null, new TrustManager[] {
                                            TrustManagerFactory.get(mSettings.getHost(), secure)
                                        }, new SecureRandom());
                        mSocket = sslContext.getSocketFactory().createSocket(mSocket, mSettings.getHost(), mSettings.getPort(),
                                  true);
                        mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket,
                                mSettings.getHost(), mSettings.getPort(), true);
                        mSocket.setSoTimeout(Store.SOCKET_READ_TIMEOUT);
                        mIn = new PeekableInputStream(new BufferedInputStream(mSocket
                                                      .getInputStream(), 1024));
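Review bot: The `mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, ...)` call carries no comment saying why the factory is used instead of `sslContext.getSocketFactory()`, and the same applies to the matching calls in the Pop3Store and SmtpTransport sections. The only difference between the two forms is the hardening, so a later cleanup could revert to the plain factory without anyone noticing the downgrade. I would add `// Wrap via TrustedSocketFactory so STARTTLS gets the same cipher suite and protocol restrictions as tunnelled TLS.` above each call. The three sites also repeat the same SSLContext setup, so moving it into one shared helper would keep them from drifting apart. The enclosing method starts and ends outside the hunk.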
+2 −2
@@ -359,8 +359,8 @@ public class Pop3Store extends Store {
                        sslContext.init(null, new TrustManager[] {
                                            TrustManagerFactory.get(mHost, secure)
                                        }, new SecureRandom());
                        mSocket = sslContext.getSocketFactory().createSocket(mSocket, mHost, mPort,
                                  true);
                        mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, mHost,
                                mPort, true);
                        mSocket.setSoTimeout(Store.SOCKET_READ_TIMEOUT);
                        mIn = new BufferedInputStream(mSocket.getInputStream(), 1024);
                        mOut = new BufferedOutputStream(mSocket.getOutputStream(), 512);
+8 −0
@@ -85,6 +85,14 @@ public class TrustedSocketFactory {
        return socket;
    }

    public static Socket createSocket(SSLContext sslContext, Socket s, String host, int port,
            boolean autoClose) throws IOException {
        SSLSocket socket = (SSLSocket) sslContext.getSocketFactory().createSocket(s, host, port, autoClose);
        hardenSocket(socket);

        return socket;
    }

    private static void hardenSocket(SSLSocket sock) {
        if (ENABLED_CIPHERS != null) {
            sock.setEnabledCipherSuites(ENABLED_CIPHERS);
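Review bot: The new public `createSocket(SSLContext, Socket, String, int, boolean)` overload has no Javadoc, and its contract is security-relevant for callers. In the visible lines it only layers an SSLSocket over `s` and calls `hardenSocket`, so certificate and hostname validation appear to depend entirely on the TrustManager the caller installed in `sslContext`. I would add a Javadoc block that states this, documents each parameter, and notes that `autoClose` is passed straight to the underlying factory. It should also mention that when `ENABLED_CIPHERS` is null the guard in `hardenSocket` skips `setEnabledCipherSuites`, leaving the platform's default suites in effect. `hardenSocket` continues outside the hunk.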
+2 −2
@@ -304,8 +304,8 @@ public class SmtpTransport extends Transport {
                    sslContext.init(null, new TrustManager[] {
                                        TrustManagerFactory.get(mHost, secure)
                                    }, new SecureRandom());
                    mSocket = sslContext.getSocketFactory().createSocket(mSocket, mHost, mPort,
                              true);
                    mSocket = TrustedSocketFactory.createSocket(sslContext, mSocket, mHost,
                              mPort, true);
                    mIn = new PeekableInputStream(new BufferedInputStream(mSocket.getInputStream(),
                                                  1024));
                    mOut = mSocket.getOutputStream();
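Review bot: No read timeout is set on the wrapped socket in this hunk, whereas the ImapStore and Pop3Store sections call `mSocket.setSoTimeout(Store.SOCKET_READ_TIMEOUT);` right after the same wrap. If nothing outside the hunk sets one, a server that stalls during or after the TLS handshake could block the sending thread indefinitely. I would set a timeout on `mSocket` immediately after the `TrustedSocketFactory.createSocket(...)` call, using whichever timeout constant this class already relies on. The enclosing method starts and ends outside the hunk.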