The security issue occurs because id is allowed to be an arbitrary
path instead of being limited to what it is -- a long. Both id
and account id are now parsed into longs (and if either fails, an
error will be logged and null will be returned).
Tested/verified error is logged using the reported attack.
BUG=30745403
Change-Id: Ia21418545bbaeb96fb5ab6c3f4e71858e57b8684
(cherry picked from commit 9794d7e8216138adf143a3b6faf3d5683316a662)
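
The check this commit message describes, as an added example (not the project's code): both values are parsed into longs, and a failure is logged and answered with null. The class name, method name and directory layout are hypothetical, and the sample inputs are constructed.

```java
import java.io.File;
import java.util.logging.Logger;

public class IdValidationExample {
    private static final Logger LOG = Logger.getLogger("IdValidationExample");

    /**
     * Resolve the file for (accountId, id). Both arrive as untrusted strings
     * (for example as path segments of a request) and must be plain longs.
     * Logs an error and returns null if either one is not.
     */
    static File resolve(File baseDir, String accountIdRaw, String idRaw) {
        final long accountId;
        final long id;
        try {
            accountId = Long.parseLong(accountIdRaw);
            id = Long.parseLong(idRaw);
        } catch (NumberFormatException e) {
            // Fixed message: the rejected input is not echoed into the log.
            LOG.severe("Rejected request: accountId and id must both be longs");
            return null;
        }
        // Build the path from the parsed numbers, never from the raw strings,
        // so no separator or ".." component can reach the file system call.
        File accountDir = new File(baseDir, "account_" + accountId); // hypothetical layout
        return new File(accountDir, Long.toString(id));
    }

    public static void main(String[] args) {
        File base = new File("/data/example/attachments"); // constructed path
        // Constructed inputs: well-formed, id carrying path components,
        // and a non-numeric account id.
        String[][] samples = {
            {"1", "42"},
            {"1", "../../other/file"},
            {"abc", "42"},
        };
        for (String[] s : samples) {
            File f = resolve(base, s[0], s[1]);
            System.out.println(s[0] + ", " + s[1] + " -> "
                    + (f == null ? "null (rejected)" : f.getPath()));
        }
    }
}
```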
b/18104622
There were some suggestions for additional info to log.
Now we also log the protocol being used, along with the
cipher suite, and whether or not we are accepting all
certificates (i.e. whether or not we are verifying
hostnames.)
Change-Id: Iad1fa4d2867d4a27830d54cc7fafcd0d32e0b23b
b/18001842
I do this in MailTransport, which is only used by POP and IMAP.
I can't log Analytics in SSLSocketFactoryWrapper, because that
is in emailcommon and would cause a circular dependency between
emailcommon and UnifiedEmail.
This will not yet work for Exchange, because it gets its socket
indirectly through EmailClientConnectionManager, using a
SchemeRegistry. Still, it will be helpful to get this info for POP
and IMAP.
Change-Id: Ibb9d22c83c49d0ba5090295b5321ca6afb09e65b
b/17720266
When replying to a message, sometimes the wrong message
is included in the reply. This seems to be related to
smart reply/forward, since it only has ever been known to
happen on an Exchange 2013 server. For now, disable smart
reply/forward.
We do this by making the EmailProvider always zero out the
FLAGS_SUPPORTS_SMART_FORWARD bit on the account. This way
we can control this feature from the Email app, rather than
Exchange.
Change-Id: I88bb5f06a1098f9f085592b0a3cf1a01d9eb3fc7
b/17443087
Now for certain folder types, when they are first created,
the uiSyncStatus is set to NEEDS_INITIAL_SYNC. This prevents
us from displaying the empty state until after the sync has
completed.
Change-Id: Ib04c915f6972ecb75092dd50e90dee8647ee2f64
b/15868294
b/17377040
When we do a search, we clear the current contents of the search mailbox,
and then send a request to whatever service is appropriate (IMAP or
Exchange.) The service then begins a sync and updates the sync state.
The thing is, this leaves a time window when the sync state is still
NONE, but no contents have been loaded yet.
So now, as soon as the search request is made, we set the sync state
to LIVE, then send off the request. That should keep the empty state
view hidden until we actually do the sync.
Change-Id: Ia97e1cf2773db460fdf32aaa45205c4e6034527d
b/17573792
This is needed so that we can send cached files as attachments.
This case comes up if you edit a draft with an attachment,
view the attachment, and then share that with Email.
Also, update the manifest so that EmailProvider grants
uri permission for cachedFiles.
Change-Id: Ib32ae8360b627823af9361cba05e0e5dbd0ae4ca
When AccountManager notifies of account change, resend notifications
because the existing ones can point to an account that doesn't
exist anymore.
Bug: 17713589 Gmail crashes when accessing an old notification for an account that has been deleted.
Change-Id: I6c2cf5234006f4859fea5bbaa52970963bcfccdd
b/15721931
This follows an example pattern from GoogleHttpClient.
It tries to get the SSLCertificateSocketFactory from
GmsCore using reflection. If that fails (because GmsCore
is not installed on the device), then it will fall back
to the platform implementation.
MailApplication sets a static object in SSLUtils that
allows it to get an externally created SSLCertificateSocketFactory.
If this method is set, then it will use it, otherwise it
will fall back to the platform factory. This way there
is no reference to GmsCore in the AOSP email.
Change-Id: I0890fe4c3d79283fb98a4dc5a62a32efd320e52a
If we have an error writing an old body file and overwrite the same ID,
we might end up in a situation where we have HTML from one message and Text
from another. Clean up the body files before insert to avoid this.
b/17720266
Change-Id: I2fb18fa24c6f3bc01e7c877e2f3bfccee6a34015
b/16463253
The FAB compose button overlaps the action button found in the TL footer
when network errors occur during sync. To avoid this overlap, the snackbar
is used to display these errors and they no longer appear as a TL footer.
In order to signal the sync error to AAC for display in the snackbar, the
Folder.lastSyncResult needed to be encoded in the manner that AAC reads.
This was not happening for POP/IMAP/Exchange accounts, so a large portion
of this change is encoding that value properly every place it is written.
To ensure the value is read/written properly everywhere, common methods were
introduced in UIProvider that do this work. UIProviderTest was also added
to ensure the read/write methods agree with each other.
Finally, the display of the "Load More" TL footer was updated to match the
latest spec.
Change-Id: I9d3ae1157f288f05b0fed4d1385858f6c9ebfbf9
b/17443087
When we migrate exchange accounts, we copy mailboxes over to the
new account (in order to preserve sync frequency and window).
The problem with this is, you may have many accounts/mailboxes.
After starting the app, it may take quite a long time before all
mailboxes are synced. If the user visits some mailbox near the
bottom, they'll see a misleading "folder is empty" view.
Now, when migrating, we'll set the uisyncstatus to INITIAL_SYNC_NEEDED.
Here I needed to add INITIAL_SYNC_NEEDED to the list of states
that EmailConversationCursor will consider incompletely loaded.
Change-Id: Idef13adf9d691c03665830a2f926b1806d7591da
This reduces the tombstone down by 100K
A follow-on cl will remove the unused resources from the tombstone build
Bug: 17414014
Change-Id: I5d38811b17a5273ec726e750ab123e10e36cee04