Daniel Gultsch
8afe7efc2c
workaround for OpenFire: check CN first in self signed certs
...
The self signed certificates created by OpenFire (Not sure if other
certs are affected as well) will crash the Java/Android TLS stack when
accessing getSubjectAlternativeNames() on the the peer certificate.
This usually goes unnoticed in other applications since the
DefaultHostnameVerifier checkes the CN first. That however is a
violation of RFC6125 section 6.4.4 which requires us to check for the
existence of SAN first.
This commit adds a work around where in self signed certificates we
check for the CN first as well. (Avoiding the call to
getSubjectAlternativeNames())
2017-07-16 11:05:25 +02:00
Daniel Gultsch
dfa17d1339
more migration fixes for updating from 1.6.0 to 1.19.3
2017-07-14 10:34:01 +02:00
Daniel Gultsch
91119ab691
add reminder to remove minidns workarounds once those are fixed
2017-07-14 09:09:26 +02:00
Daniel Gultsch
ea6b756c0f
fixed bug in db migrations when going from <15 to something recent
2017-07-13 19:28:16 +02:00
Daniel Gultsch
3d0b127a8f
verify with hostname in direct tls connections
2017-07-13 19:27:43 +02:00
Daniel Gultsch
7623accfd5
prefer DNS servers from VPNs
2017-07-12 22:19:45 +02:00
Daniel Gultsch
ecc0ef45c5
disable foreground service if all accounts are disabled
2017-07-12 11:03:32 +02:00
Daniel Gultsch
edb28ccb31
throw state changing exception on failed tls only if no more connection options left
2017-07-11 23:25:59 +02:00
Daniel Gultsch
19c1484053
catch runtime exceptions from minidns
2017-07-11 23:24:09 +02:00
Daniel Gultsch
8de81e0bc8
sync around Conversation.getLatestMessage()
2017-07-11 23:09:51 +02:00
Daniel Gultsch
c5824a3b2a
catch all exceptions around minidns :(
2017-07-10 12:33:04 +02:00
Daniel Gultsch
abf84e065d
made DNSEC hostname validation opt-in
2017-07-10 09:59:25 +02:00
Daniel Gultsch
da00a58902
work around idn short comings in minidns
2017-07-10 08:50:01 +02:00
Daniel Gultsch
7cbef529ae
resolve non-srv domains in resolver class as well
...
this allows us to prefer ipv4
2017-07-10 08:49:22 +02:00
Daniel Gultsch
c400f74918
prefer ipv4 over ipv6
2017-07-09 19:05:23 +02:00
Daniel Gultsch
67bc032ccc
fixed fallback to normal DNS query after DNSSEC failed
2017-07-09 18:03:26 +02:00
Daniel Gultsch
ef980ff5cf
show date separators. fixes #2271
2017-07-04 11:01:20 +02:00
Daniel Gultsch
2ada4d5cfe
allow users to send PMs in mucs w/o voice
2017-07-03 23:58:34 +02:00
Daniel Gultsch
f2409ed95e
set focusable=false instead of enabled=false for rooms w/o voice
2017-07-03 19:55:21 +02:00
Daniel Gultsch
5cac4397dd
catch state changing error when sending timeout to iq callbacks
2017-07-03 19:44:01 +02:00
Daniel Gultsch
7cf360fabf
do not keep files in waiting when file size exceeds http upload limit in groups. fixes #2533
2017-07-01 19:31:48 +02:00
Daniel Gultsch
2b9cdde558
refactored retrieval of default preferences
2017-07-01 13:41:24 +02:00
Daniel Gultsch
311c99bb6d
put settings defaults into resource file
2017-06-30 21:22:35 +02:00
Daniel Gultsch
4a2e222b34
deduplicate disco items before disco#info
2017-06-30 08:45:16 +02:00
Daniel Gultsch
7c1e1132b0
make scan barcode icon survive rotations
2017-06-29 20:23:28 +02:00
Daniel Gultsch
b2aae44645
show scan button in TrustKeys only if there is something to scan
2017-06-29 14:01:12 +02:00
Daniel Gultsch
cbbf6f439b
add publish-options helper class
2017-06-27 22:50:39 +02:00
Daniel Gultsch
59e39304dd
use DND instead of XA when phone is silent
2017-06-27 12:24:26 +02:00
Daniel Gultsch
c85b3bbacc
revised resolver strategy
2017-06-26 14:03:38 +02:00
Daniel Gultsch
6dad1c0dde
refactored resolver to fall back to DNS and use reliable method
2017-06-25 22:46:56 +02:00
Daniel Gultsch
4faf0f2ec9
use ResolverApi.reliable(..)
2017-06-25 19:30:03 +02:00
Daniel Gultsch
2c5250a82c
new resolver fall back to normal dns if dnssec verfication fails
2017-06-25 18:35:40 +02:00
Daniel Gultsch
cbce73c301
fixed fingerprint trust (was messed up after library upgrade)
2017-06-25 18:18:13 +02:00
Daniel Gultsch
14fd41cd7f
fixed patterns source code url
2017-06-25 12:03:26 +02:00
Daniel Gultsch
19b4207c3a
Merge branch 'master' of https://github.com/BlauerHunger/Conversations into BlauerHunger-master
2017-06-24 16:16:34 +02:00
Daniel Gultsch
d24022d755
cleanup nameWithoutVersion() code
2017-06-24 16:13:55 +02:00
Ferdinand Pöll
f8e031ac86
Added preference to control Heads-up Notifications (turned off by default)
2017-06-24 15:38:16 +02:00
Daniel Gultsch
5fd4169720
don't use version part of identity name in presence selection. fixes #2519
2017-06-23 14:51:08 +02:00
Daniel Gultsch
3c90dbe723
fixed ip reporting for dns look ups
2017-06-22 00:09:59 +02:00
Daniel Gultsch
2ed71df01a
also check for hostname in in certs if hostname is from trusted source
2017-06-21 23:40:01 +02:00
Daniel Gultsch
2e380ed792
upgrade minidns. refactored dns utils
2017-06-21 23:28:01 +02:00
Daniel Gultsch
5d9d725446
offer to open website if ibb offers oob redirect. fixes #2503
2017-06-19 20:02:41 +02:00
Daniel Gultsch
95405fde5f
mark message as failed after canceling ft w/o transferable. fixes #2513
2017-06-19 13:23:20 +02:00
Daniel Gultsch
24768d051d
upgrade to signal-protocol-java. thanks @ysangkok
...
fixes #1384
closes #2509
2017-06-18 16:36:30 +02:00
Daniel Gultsch
f67baab983
revised strategy for http upload read timeout
2017-06-18 16:32:01 +02:00
Daniel Gultsch
a1fe8f1c87
make http upload read timeout depend on file size
2017-06-14 16:27:38 +02:00
Daniel Gultsch
00bb527333
recreate settingsactivity when theme changed
2017-06-05 14:57:09 +02:00
Daniel Gultsch
f7f6e8dfd5
make launching app shortcuts work with disabled accounts
2017-06-05 10:18:02 +02:00
Daniel Gultsch
012f60be56
use proper alpha for dark themed icons
2017-06-04 00:05:02 +02:00
Daniel Gultsch
51badfa721
enable forground service for sony smartphones by default
2017-06-02 13:00:20 +02:00