Commit Graph

4234 Commits

Author SHA1 Message Date
Daniel Gultsch 7ac26952d7 version bump to 1.19.5 + changelog 2017-07-23 07:51:13 +02:00
Daniel Gultsch c8bd5bc1f5 made OF selfSigned() workaround only available >=kitkat
this undos 8a729061d5. as it turns out 4.1
and 4.0 only break when checking if a cert is self signed.
2017-07-23 07:47:39 +02:00
Daniel Gultsch 58f3787795 increment version code for 1.19.4 2017-07-17 23:14:02 +02:00
Daniel Gultsch 8a729061d5 use CN-workaround for pre-kitkat 2017-07-17 23:13:55 +02:00
Daniel Gultsch 8285a4fe1c pulled translations from transifex 2017-07-17 22:06:56 +02:00
Daniel Gultsch 217335703c fix regression introduces with OF fix. properly fall back to common name 2017-07-17 21:11:15 +02:00
Daniel Gultsch 0a20b87ebe check length first in timestamp parser 2017-07-16 21:03:59 +02:00
Daniel Gultsch febee9863f catch IllegalArgumentException caused by invalid custom hostname 2017-07-16 21:02:56 +02:00
Daniel Gultsch 2dce71cd96 version bump to 1.19.4 + changelog 2017-07-16 11:38:17 +02:00
Daniel Gultsch 8afe7efc2c workaround for OpenFire: check CN first in self signed certs
The self signed certificates created by OpenFire (Not sure if other
certs are affected as well) will crash the Java/Android TLS stack when
accessing getSubjectAlternativeNames() on the the peer certificate.

This usually goes unnoticed in other applications since the
DefaultHostnameVerifier checkes the CN first. That however is a
violation of RFC6125 section 6.4.4 which requires us to check for the
existence of SAN first.

This commit adds a work around where in self signed certificates we
check for the CN first as well. (Avoiding the call to
getSubjectAlternativeNames())
2017-07-16 11:05:25 +02:00
Daniel Gultsch dfa17d1339 more migration fixes for updating from 1.6.0 to 1.19.3 2017-07-14 10:34:01 +02:00
Daniel Gultsch 91119ab691 add reminder to remove minidns workarounds once those are fixed 2017-07-14 09:09:26 +02:00
Daniel Gultsch ea6b756c0f fixed bug in db migrations when going from <15 to something recent 2017-07-13 19:28:16 +02:00
Daniel Gultsch 3d0b127a8f verify with hostname in direct tls connections 2017-07-13 19:27:43 +02:00
Daniel Gultsch 7623accfd5 prefer DNS servers from VPNs 2017-07-12 22:19:45 +02:00
Daniel Gultsch 35a4b848a5 version bump to 1.19.3 + changelog 2017-07-12 14:46:12 +02:00
Daniel Gultsch 45f92553c4 pulled translations from transifex 2017-07-12 11:54:05 +02:00
Daniel Gultsch ecc0ef45c5 disable foreground service if all accounts are disabled 2017-07-12 11:03:32 +02:00
Daniel Gultsch edb28ccb31 throw state changing exception on failed tls only if no more connection options left 2017-07-11 23:25:59 +02:00
Daniel Gultsch 19c1484053 catch runtime exceptions from minidns 2017-07-11 23:24:09 +02:00
Daniel Gultsch 8de81e0bc8 sync around Conversation.getLatestMessage() 2017-07-11 23:09:51 +02:00
Daniel Gultsch 4d1b6d4404 version bump to 1.19.2 + changelog 2017-07-10 12:38:48 +02:00
Daniel Gultsch c5824a3b2a catch all exceptions around minidns :( 2017-07-10 12:33:04 +02:00
Daniel Gultsch a1f9f5e774 version bump to 1.19.1 + changelog 2017-07-10 10:06:20 +02:00
Daniel Gultsch 8415f27cac pulled translations from transifex 2017-07-10 10:06:08 +02:00
Daniel Gultsch abf84e065d made DNSEC hostname validation opt-in 2017-07-10 09:59:25 +02:00
Daniel Gultsch da00a58902 work around idn short comings in minidns 2017-07-10 08:50:01 +02:00
Daniel Gultsch 7cbef529ae resolve non-srv domains in resolver class as well
this allows us to prefer ipv4
2017-07-10 08:49:22 +02:00
Daniel Gultsch c400f74918 prefer ipv4 over ipv6 2017-07-09 19:05:23 +02:00
Daniel Gultsch 67bc032ccc fixed fallback to normal DNS query after DNSSEC failed 2017-07-09 18:03:26 +02:00
Daniel Gultsch ae0ba3bbc1 version bump to 1.19.0 + changelog 2017-07-05 13:16:54 +02:00
Daniel Gultsch 7df0f3fd28 pulled translations from transifex 2017-07-05 11:29:42 +02:00
Daniel Gultsch ef980ff5cf show date separators. fixes #2271 2017-07-04 11:01:20 +02:00
Daniel Gultsch 2ada4d5cfe allow users to send PMs in mucs w/o voice 2017-07-03 23:58:34 +02:00
Daniel Gultsch f2409ed95e set focusable=false instead of enabled=false for rooms w/o voice 2017-07-03 19:55:21 +02:00
Daniel Gultsch 5cac4397dd catch state changing error when sending timeout to iq callbacks 2017-07-03 19:44:01 +02:00
Daniel Gultsch 7cf360fabf do not keep files in waiting when file size exceeds http upload limit in groups. fixes #2533 2017-07-01 19:31:48 +02:00
Daniel Gultsch 2b9cdde558 refactored retrieval of default preferences 2017-07-01 13:41:24 +02:00
Daniel Gultsch 7d4d5c437a pulled translations from transifex 2017-06-30 21:28:02 +02:00
Daniel Gultsch 311c99bb6d put settings defaults into resource file 2017-06-30 21:22:35 +02:00
Daniel Gultsch 4a2e222b34 deduplicate disco items before disco#info 2017-06-30 08:45:16 +02:00
Daniel Gultsch 7c1e1132b0 make scan barcode icon survive rotations 2017-06-29 20:23:28 +02:00
Daniel Gultsch b2aae44645 show scan button in TrustKeys only if there is something to scan 2017-06-29 14:01:12 +02:00
Daniel Gultsch cbbf6f439b add publish-options helper class 2017-06-27 22:50:39 +02:00
Daniel Gultsch 90afaab8ed version bump to 1.19.0-beta.2 + changelog 2017-06-27 16:30:01 +02:00
Daniel Gultsch 59e39304dd use DND instead of XA when phone is silent 2017-06-27 12:24:26 +02:00
Daniel Gultsch c85b3bbacc revised resolver strategy 2017-06-26 14:03:38 +02:00
Daniel Gultsch 6dad1c0dde refactored resolver to fall back to DNS and use reliable method 2017-06-25 22:46:56 +02:00
Daniel Gultsch 4faf0f2ec9 use ResolverApi.reliable(..) 2017-06-25 19:30:03 +02:00
Daniel Gultsch 2c5250a82c new resolver fall back to normal dns if dnssec verfication fails 2017-06-25 18:35:40 +02:00