diff options
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util')
5 files changed, 112 insertions, 55 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/EmailKeyHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/EmailKeyHelper.java index 9a6d33260..a55249842 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/EmailKeyHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/EmailKeyHelper.java @@ -74,9 +74,9 @@ public class EmailKeyHelper { // Try _hkp._tcp SRV record first String[] mailparts = mail.split("@"); if (mailparts.length == 2) { - HkpKeyserver hkp = HkpKeyserver.resolve(mailparts[1]); + HkpKeyserver hkp = HkpKeyserver.resolve(mailparts[1], proxy); if (hkp != null) { - keys.addAll(getEmailKeys(mail, hkp, proxy)); + keys.addAll(getEmailKeys(mail, hkp)); } } @@ -84,18 +84,17 @@ public class EmailKeyHelper { // Most users don't have the SRV record, so ask a default server as well String server = Preferences.getPreferences(context).getPreferredKeyserver(); if (server != null) { - HkpKeyserver hkp = new HkpKeyserver(server); - keys.addAll(getEmailKeys(mail, hkp, proxy)); + HkpKeyserver hkp = new HkpKeyserver(server, proxy); + keys.addAll(getEmailKeys(mail, hkp)); } } return keys; } - public static List<ImportKeysListEntry> getEmailKeys(String mail, Keyserver keyServer, - Proxy proxy) { + public static List<ImportKeysListEntry> getEmailKeys(String mail, Keyserver keyServer) { Set<ImportKeysListEntry> keys = new HashSet<>(); try { - for (ImportKeysListEntry key : keyServer.search(mail, proxy)) { + for (ImportKeysListEntry key : keyServer.search(mail)) { if (key.isRevoked() || key.isExpired()) continue; for (String userId : key.getUserIds()) { if (userId.toLowerCase().contains(mail.toLowerCase(Locale.ENGLISH))) { diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelper.java index 236913be7..7345faad9 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelper.java @@ -272,57 +272,21 @@ public class FileHelper { return true; } - /** - * Tests whether a file is readable by others - */ - @TargetApi(VERSION_CODES.LOLLIPOP) - public static boolean S_IROTH(int mode) { - return (mode & S_IROTH) == S_IROTH; - } - - /** - * A replacement for ContentResolver.openInputStream() that does not allow the usage of - * "file" Uris that point to private files owned by the application only. + /** A replacement for ContentResolver.openInputStream() that does not allow + * the usage of "file" Uris that point to private files owned by the + * application only, *on Lollipop devices*. * - * This is not allowed: - * am start -a android.intent.action.SEND -t text/plain -n - * "org.sufficientlysecure.keychain.debug/org.sufficientlysecure.keychain.ui.EncryptFilesActivity" --eu - * android.intent.extra.STREAM - * file:///data/data/org.sufficientlysecure.keychain.debug/databases/openkeychain.db + * The check will be performed on devices >= Lollipop only, which have the + * necessary API to stat filedescriptors. * - * @throws FileNotFoundException + * @see FileHelperLollipop */ - @TargetApi(VERSION_CODES.LOLLIPOP) public static InputStream openInputStreamSafe(ContentResolver resolver, Uri uri) - throws FileNotFoundException { + throws FileNotFoundException { // Not supported on Android < 5 - if (Build.VERSION.SDK_INT < VERSION_CODES.LOLLIPOP) { - return resolver.openInputStream(uri); - } - - String scheme = uri.getScheme(); - if (ContentResolver.SCHEME_FILE.equals(scheme)) { - ParcelFileDescriptor pfd = ParcelFileDescriptor.open( - new File(uri.getPath()), ParcelFileDescriptor.parseMode("r")); - - try { - final StructStat st = Os.fstat(pfd.getFileDescriptor()); - if (!S_IROTH(st.st_mode)) { - Log.e(Constants.TAG, "File is not readable by others, aborting!"); - throw new FileNotFoundException("Unable to create stream"); - } - } catch (ErrnoException e) { - Log.e(Constants.TAG, "fstat() failed: " + e); - throw new FileNotFoundException("fstat() failed"); - } - - AssetFileDescriptor fd = new AssetFileDescriptor(pfd, 0, -1); - try { - return fd.createInputStream(); - } catch (IOException e) { - throw new FileNotFoundException("Unable to create stream"); - } + if (Build.VERSION.SDK_INT >= VERSION_CODES.LOLLIPOP) { + return FileHelperLollipop.openInputStreamSafe(resolver, uri); } else { return resolver.openInputStream(uri); } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelperLollipop.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelperLollipop.java new file mode 100644 index 000000000..f89d679bc --- /dev/null +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelperLollipop.java @@ -0,0 +1,82 @@ +package org.sufficientlysecure.keychain.util; + + +import java.io.File; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.io.InputStream; + +import android.annotation.TargetApi; +import android.content.ContentResolver; +import android.content.res.AssetFileDescriptor; +import android.net.Uri; +import android.os.Build; +import android.os.Build.VERSION_CODES; +import android.os.ParcelFileDescriptor; +import android.system.ErrnoException; +import android.system.Os; +import android.system.StructStat; + +import org.sufficientlysecure.keychain.Constants; + +import static android.system.OsConstants.S_IROTH; + + +/** FileHelper methods which use Lollipop-exclusive API. + * Some of the methods and static fields used here cause VerifyErrors because + * they do not exist in pre-lollipop API, so they must be kept in a + * lollipop-only class. All methods here should only be called by FileHelper, + * and consequently have package visibility. + */ +@TargetApi(VERSION_CODES.LOLLIPOP) +class FileHelperLollipop { + /** + * Tests whether a file is readable by others + */ + private static boolean S_IROTH(int mode) { + return (mode & S_IROTH) == S_IROTH; + } + + /** + * A replacement for ContentResolver.openInputStream() that does not allow the usage of + * "file" Uris that point to private files owned by the application only. + * + * This is not allowed: + * am start -a android.intent.action.SEND -t text/plain -n + * "org.sufficientlysecure.keychain.debug/org.sufficientlysecure.keychain.ui.EncryptFilesActivity" --eu + * android.intent.extra.STREAM + * file:///data/data/org.sufficientlysecure.keychain.debug/databases/openkeychain.db + * + * @throws FileNotFoundException + */ + static InputStream openInputStreamSafe(ContentResolver resolver, Uri uri) + throws FileNotFoundException { + + String scheme = uri.getScheme(); + if (ContentResolver.SCHEME_FILE.equals(scheme)) { + ParcelFileDescriptor pfd = ParcelFileDescriptor.open( + new File(uri.getPath()), ParcelFileDescriptor.parseMode("r")); + + try { + final StructStat st = Os.fstat(pfd.getFileDescriptor()); + if (!S_IROTH(st.st_mode)) { + Log.e(Constants.TAG, "File is not readable by others, aborting!"); + throw new FileNotFoundException("Unable to create stream"); + } + } catch (ErrnoException e) { + Log.e(Constants.TAG, "fstat() failed: " + e); + throw new FileNotFoundException("fstat() failed"); + } + + AssetFileDescriptor fd = new AssetFileDescriptor(pfd, 0, -1); + try { + return fd.createInputStream(); + } catch (IOException e) { + throw new FileNotFoundException("Unable to create stream"); + } + } else { + return resolver.openInputStream(uri); + } + + } +} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/ParcelableProxy.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/ParcelableProxy.java index 7e788d04c..7e2328e99 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/ParcelableProxy.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/ParcelableProxy.java @@ -17,12 +17,14 @@ package org.sufficientlysecure.keychain.util; -import android.os.Parcel; -import android.os.Parcelable; import java.net.InetSocketAddress; import java.net.Proxy; +import android.os.Parcel; +import android.os.Parcelable; +import android.support.annotation.NonNull; + /** * used to simply transport java.net.Proxy objects created using InetSockets between services/activities */ @@ -47,9 +49,10 @@ public class ParcelableProxy implements Parcelable { return new ParcelableProxy(null, -1, null); } + @NonNull public Proxy getProxy() { if (mProxyHost == null) { - return null; + return Proxy.NO_PROXY; } /* * InetSocketAddress.createUnresolved so we can use this method even in the main thread diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Preferences.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Preferences.java index 8b2c3c66a..559c5556f 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Preferences.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Preferences.java @@ -23,6 +23,9 @@ import android.content.SharedPreferences; import android.content.res.Resources; import android.preference.PreferenceManager; +import android.support.annotation.NonNull; +import android.support.annotation.Nullable; + import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.Constants.Pref; import org.sufficientlysecure.keychain.service.KeyserverSyncAdapterService; @@ -322,6 +325,12 @@ public class Preferences { if (!torEnabled && !normalPorxyEnabled) this.parcelableProxy = new ParcelableProxy(null, -1, null); else this.parcelableProxy = new ParcelableProxy(hostName, port, type); } + + @NonNull + public Proxy getProxy() { + return parcelableProxy.getProxy(); + } + } // cloud prefs |