From f0cf46db94bf38ad60b17f201c6d0fd0c84e0e58 Mon Sep 17 00:00:00 2001
From: M66B <M66B@users.noreply.github.com>
Date: Sat, 8 Jan 2022 13:35:45 +0100
Subject: [PATCH] TLS debugging

---
 .../eu/faircode/email/AdapterMessage.java     |  11 +-
 .../java/eu/faircode/email/HtmlHelper.java    |  12 +-
 .../java/eu/faircode/email/MessageHelper.java | 190 +++++++++---------
 3 files changed, 114 insertions(+), 99 deletions(-)

diff --git a/app/src/main/java/eu/faircode/email/AdapterMessage.java b/app/src/main/java/eu/faircode/email/AdapterMessage.java
index 35d2c9d642..e588e33b77 100644
--- a/app/src/main/java/eu/faircode/email/AdapterMessage.java
+++ b/app/src/main/java/eu/faircode/email/AdapterMessage.java
@@ -2255,11 +2255,12 @@ public class AdapterMessage extends RecyclerView.Adapter<AdapterMessage.ViewHold
                         message.headers, message.blocklist != null && message.blocklist);
                 if (BuildConfig.DEBUG && headers instanceof SpannableStringBuilder) {
                     SpannableStringBuilder ssb = (SpannableStringBuilder) headers;
-                    ssb.append("TLS=" + message.tls).append('\n');
-                    ssb.append("DKIM=" + message.dkim).append('\n');
-                    ssb.append("SPF=" + message.spf).append('\n');
-                    ssb.append("DMARC=" + message.dmarc).append('\n');
-                    ssb.append("BL=" + message.blocklist).append('\n');
+                    ssb.append("TLS=" + message.tls)
+                            .append(" DKIM=" + message.dkim)
+                            .append(" SPF=" + message.spf)
+                            .append(" DMARC=" + message.dmarc)
+                            .append(" BL=" + message.blocklist)
+                            .append('\n');
                 }
                 tvHeaders.setText(headers);
                 ibCopyHeaders.setVisibility(View.VISIBLE);
diff --git a/app/src/main/java/eu/faircode/email/HtmlHelper.java b/app/src/main/java/eu/faircode/email/HtmlHelper.java
index 13ba7099b4..fb53ee6b25 100644
--- a/app/src/main/java/eu/faircode/email/HtmlHelper.java
+++ b/app/src/main/java/eu/faircode/email/HtmlHelper.java
@@ -2380,6 +2380,8 @@ public class HtmlHelper {
     static Spanned highlightHeaders(Context context, String headers, boolean blocklist) {
         SpannableStringBuilder ssb = new SpannableStringBuilderEx(headers);
         int textColorLink = Helper.resolveColor(context, android.R.attr.textColorLink);
+        int colorVerified = Helper.resolveColor(context, R.attr.colorVerified);
+        int colorWarning = Helper.resolveColor(context, R.attr.colorWarning);
 
         int index = 0;
         for (String line : headers.split("\n")) {
@@ -2421,8 +2423,6 @@ public class HtmlHelper {
 
                         int iconSize = context.getResources().getDimensionPixelSize(R.dimen.menu_item_icon_size);
                         d.setBounds(0, 0, iconSize, iconSize);
-
-                        int colorWarning = Helper.resolveColor(context, R.attr.colorWarning);
                         d.setTint(colorWarning);
 
                         ssb.append(" \uFFFC"); // Object replacement character
@@ -2462,6 +2462,14 @@ public class HtmlHelper {
 
                         j++;
                     }
+
+                    Boolean tls = MessageHelper.isTLS(h);
+                    ssb.append(" TLS=");
+                    int t = ssb.length();
+                    ssb.append(tls == null ? "?" : Boolean.toString(tls));
+                    if (tls != null)
+                        ssb.setSpan(new ForegroundColorSpan(tls ? colorVerified : colorWarning), t, ssb.length(), 0);
+
                     ssb.append("\n\n");
                 }
             }
diff --git a/app/src/main/java/eu/faircode/email/MessageHelper.java b/app/src/main/java/eu/faircode/email/MessageHelper.java
index 460000cd8a..43a84a4cc6 100644
--- a/app/src/main/java/eu/faircode/email/MessageHelper.java
+++ b/app/src/main/java/eu/faircode/email/MessageHelper.java
@@ -2055,121 +2055,127 @@ public class MessageHelper {
         for (String r : received) {
             String header = MimeUtility.unfold(r);
             Log.i("--- header=" + header);
+            Boolean tls = isTLS(header);
+            if (!Boolean.TRUE.equals(tls))
+                return tls;
+        }
 
-            // Strip date
-            int semi = header.lastIndexOf(';');
-            if (semi > 0)
-                header = header.substring(0, semi);
+        return true;
+    }
 
-            if (header.contains("using TLS") ||
-                    header.contains("version=TLS")) {
-                Log.i("--- found TLS");
-                continue;
-            }
+    static Boolean isTLS(String header) {
+        // Strip date
+        int semi = header.lastIndexOf(';');
+        if (semi > 0)
+            header = header.substring(0, semi);
 
-            // (qmail nnn invoked by uid nnn); 1 Jan 2022 00:00:00 -0000
-            if (header.contains("qmail") && header.contains("invoked by uid")) {
-                Log.i("--- found qmail");
-                continue;
-            }
+        if (header.contains("using TLS") ||
+                header.contains("version=TLS")) {
+            Log.i("--- found TLS");
+            return true;
+        }
 
-            // Get key/values
-            String[] parts = header.split("\\s+");
-            Map<String, StringBuilder> kv = new HashMap<>();
-            String key = null;
-            for (int p = 0; p < parts.length; p++) {
-                String k = parts[p].toLowerCase(Locale.ROOT);
-                if (RECEIVED_WORDS.contains(k)) {
-                    key = k;
-                    if (!kv.containsKey(key))
-                        kv.put(key, new StringBuilder());
-                } else if (key != null) {
-                    StringBuilder sb = kv.get(key);
-                    if (sb.length() > 0)
-                        sb.append(' ');
-                    sb.append(parts[p]);
-                }
+        // (qmail nnn invoked by uid nnn); 1 Jan 2022 00:00:00 -0000
+        if (header.contains("qmail") && header.contains("invoked by uid")) {
+            Log.i("--- found qmail");
+            return true;
+        }
+
+        // Get key/values
+        String[] parts = header.split("\\s+");
+        Map<String, StringBuilder> kv = new HashMap<>();
+        String key = null;
+        for (int p = 0; p < parts.length; p++) {
+            String k = parts[p].toLowerCase(Locale.ROOT);
+            if (RECEIVED_WORDS.contains(k)) {
+                key = k;
+                if (!kv.containsKey(key))
+                    kv.put(key, new StringBuilder());
+            } else if (key != null) {
+                StringBuilder sb = kv.get(key);
+                if (sb.length() > 0)
+                    sb.append(' ');
+                sb.append(parts[p]);
             }
+        }
 
-            // Dump
-            for (String k : kv.keySet())
-                Log.i("--- " + k + "=" + kv.get(k));
+        // Dump
+        for (String k : kv.keySet())
+            Log.i("--- " + k + "=" + kv.get(k));
 
-            // Check if 'by' local address
-            if (kv.containsKey("by")) {
-                String by = kv.get("by").toString();
-                if (isLocal(by)) {
-                    Log.i("--- local by=" + by);
-                    continue;
-                }
+        // Check if 'by' local address
+        if (kv.containsKey("by")) {
+            String by = kv.get("by").toString();
+            if (isLocal(by)) {
+                Log.i("--- local by=" + by);
+                return true;
             }
+        }
 
-            // Check if 'from' local address
-            if (kv.containsKey("from")) {
-                String from = kv.get("from").toString();
-                if (isLocal(from)) {
-                    Log.i("--- local from=" + from);
-                    continue;
-                }
+        // Check if 'from' local address
+        if (kv.containsKey("from")) {
+            String from = kv.get("from").toString();
+            if (isLocal(from)) {
+                Log.i("--- local from=" + from);
+                return true;
             }
+        }
 
-            // Check Microsoft front end transport (proxy)
-            // https://social.technet.microsoft.com/wiki/contents/articles/50370.exchange-2016-what-is-the-front-end-transport-service-on-the-mailbox-role.aspx
-            if (kv.containsKey("via")) {
-                String via = kv.get("via").toString();
-                if ("Frontend Transport".equals(via)) {
-                    Log.i("--- frontend via=" + via);
-                    continue;
-                }
+        // Check Microsoft front end transport (proxy)
+        // https://social.technet.microsoft.com/wiki/contents/articles/50370.exchange-2016-what-is-the-front-end-transport-service-on-the-mailbox-role.aspx
+        if (kv.containsKey("via")) {
+            String via = kv.get("via").toString();
+            if ("Frontend Transport".equals(via)) {
+                Log.i("--- frontend via=" + via);
+                return true;
             }
+        }
 
-            // Check protocol
-            if (!kv.containsKey("with")) {
-                Log.i("--- with missing");
-                return null;
-            }
+        // Check protocol
+        if (!kv.containsKey("with")) {
+            Log.i("--- with missing");
+            return null;
+        }
 
-            // https://datatracker.ietf.org/doc/html/rfc3848
-            // https://www.iana.org/assignments/mail-parameters/mail-parameters.txt
-            String with = kv.get("with").toString();
-            int w = with.indexOf(' ');
-            String protocol = (w < 0 ? with : with.substring(0, w)).toLowerCase(Locale.ROOT);
+        // https://datatracker.ietf.org/doc/html/rfc3848
+        // https://www.iana.org/assignments/mail-parameters/mail-parameters.txt
+        String with = kv.get("with").toString();
+        int w = with.indexOf(' ');
+        String protocol = (w < 0 ? with : with.substring(0, w)).toLowerCase(Locale.ROOT);
 
-            if ("local".equals(protocol)) {
-                // Exim
-                Log.i("--- local with=" + with);
-                continue;
-            }
+        if ("local".equals(protocol)) {
+            // Exim
+            Log.i("--- local with=" + with);
+            return true;
+        }
 
-            if ("mapi".equals(protocol)) {
-                // https://en.wikipedia.org/wiki/MAPI
-                Log.i("--- mapi with=" + with);
-                continue;
-            }
+        if ("mapi".equals(protocol)) {
+            // https://en.wikipedia.org/wiki/MAPI
+            Log.i("--- mapi with=" + with);
+            return true;
+        }
 
-            if ("http".equals(protocol) ||
-                    "httprest".equals(protocol)) {
-                // httprest by gmailapi.google.com
-                Log.i("--- http with=" + with);
-                continue;
-            }
+        if ("http".equals(protocol) ||
+                "httprest".equals(protocol)) {
+            // httprest by gmailapi.google.com
+            Log.i("--- http with=" + with);
+            return true;
+        }
 
-            if (!protocol.contains("mtp")) {
-                Log.i("--- unknown with=" + with);
-                return null;
-            }
+        if (!protocol.contains("mtp")) {
+            Log.i("--- unknown with=" + with);
+            return null;
+        }
 
-            if (!protocol.contains("mtps" /* STARTTLS */) &&
-                    !protocol.contains("_mtpa" /* AUTH */)) {
-                Log.i("--- insecure with=" + with);
-                return false;
-            }
+        if (protocol.contains("mtps")) {
+            Log.i("--- insecure with=" + with);
+            return true;
         }
 
-        return true;
+        return false;
     }
 
-    private boolean isLocal(String value) {
+    private static boolean isLocal(String value) {
         if (value.contains("localhost") ||
                 value.contains("[127.0.0.1]") ||
                 value.contains("[::1]"))