From 412b31b3d5860f4cb725809a5b67c1159a901ee8 Mon Sep 17 00:00:00 2001
From: Arne <arne@monocles.de>
Date: Tue, 3 Sep 2024 07:31:39 +0200
Subject: [PATCH] Add setting to enforce DANE + cleanup strings

---
 .../eu/siacs/conversations/AppSettings.java   |  5 ++++
 .../siacs/conversations/entities/Account.java |  5 +++-
 .../settings/SecuritySettingsFragment.java    |  2 +-
 .../conversations/xmpp/XmppConnection.java    | 22 ++++++++++++++----
 src/main/res/values/defaults.xml              |  1 +
 src/main/res/values/strings.xml               | 20 ----------------
 src/main/res/xml/preferences_security.xml     |  5 ++++
 src/monocleschat/res/values-de/strings.xml    |  9 +++++---
 src/monocleschat/res/values/strings.xml       | 23 +++++++++++++++++++
 9 files changed, 63 insertions(+), 29 deletions(-)

diff --git a/src/main/java/eu/siacs/conversations/AppSettings.java b/src/main/java/eu/siacs/conversations/AppSettings.java
index dde4ff8db..d9ba42993 100644
--- a/src/main/java/eu/siacs/conversations/AppSettings.java
+++ b/src/main/java/eu/siacs/conversations/AppSettings.java
@@ -32,6 +32,7 @@ public class AppSettings {
     public static final String ALLOW_MESSAGE_CORRECTION = "allow_message_correction";
 
     public static final String TRUST_SYSTEM_CA_STORE = "trust_system_ca_store";
+    public static final String DANE_ENFORCED = "enforce_dane";
     public static final String REQUIRE_CHANNEL_BINDING = "channel_binding_required";
     public static final String NOTIFICATION_RINGTONE = "notification_ringtone";
     public static final String NOTIFICATION_HEADS_UP = "notification_headsup";
@@ -91,6 +92,10 @@ public class AppSettings {
         return getBooleanPreference(TRUST_SYSTEM_CA_STORE, R.bool.trust_system_ca_store);
     }
 
+    public boolean isDANEenforced() {
+        return getBooleanPreference(DANE_ENFORCED, R.bool.enforce_dane);
+    }
+
     public boolean isAllowScreenshots() {
         return getBooleanPreference(ALLOW_SCREENSHOTS, R.bool.allow_screenshots);
     }
diff --git a/src/main/java/eu/siacs/conversations/entities/Account.java b/src/main/java/eu/siacs/conversations/entities/Account.java
index 4737ce6ec..fc5e60b4e 100644
--- a/src/main/java/eu/siacs/conversations/entities/Account.java
+++ b/src/main/java/eu/siacs/conversations/entities/Account.java
@@ -836,7 +836,8 @@ public class Account extends AbstractEntity implements AvatarService.Avatarable
         STREAM_OPENING_ERROR,
         POLICY_VIOLATION,
         PAYMENT_REQUIRED,
-        MISSING_INTERNET_PERMISSION(false);
+        MISSING_INTERNET_PERMISSION(false),
+        DANE_FAILED (true);
 
         private final boolean isError;
         private final boolean attemptReconnect;
@@ -928,6 +929,8 @@ public class Account extends AbstractEntity implements AvatarService.Avatarable
                     return R.string.missing_internet_permission;
                 case TEMPORARY_AUTH_FAILURE:
                     return R.string.account_status_temporary_auth_failure;
+                case DANE_FAILED:
+                    return R.string.dane_failed;
                 default:
                     return R.string.account_status_unknown;
             }
diff --git a/src/main/java/eu/siacs/conversations/ui/fragment/settings/SecuritySettingsFragment.java b/src/main/java/eu/siacs/conversations/ui/fragment/settings/SecuritySettingsFragment.java
index 0ccf2679e..58bd2d7b6 100644
--- a/src/main/java/eu/siacs/conversations/ui/fragment/settings/SecuritySettingsFragment.java
+++ b/src/main/java/eu/siacs/conversations/ui/fragment/settings/SecuritySettingsFragment.java
@@ -60,7 +60,7 @@ public class SecuritySettingsFragment extends XmppPreferenceFragment {
                 requireService().updateMemorizingTrustManager();
                 reconnectAccounts();
             }
-            case AppSettings.REQUIRE_CHANNEL_BINDING -> {
+            case AppSettings.DANE_ENFORCED, AppSettings.REQUIRE_CHANNEL_BINDING -> {
                 reconnectAccounts();
             }
             case AppSettings.AUTOMATIC_MESSAGE_DELETION -> {
diff --git a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
index da2a387ab..60380d648 100644
--- a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
+++ b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
@@ -1183,10 +1183,24 @@ public class XmppConnection implements Runnable {
     }
 
     private void changeStatusToOnline() {
-        Log.d(
-                Config.LOGTAG,
-                account.getJid().asBareJid() + ": online with resource " + account.getResource());
-        changeStatus(Account.State.ONLINE);
+        if (mXmppConnectionService.getBooleanPreference("enforce_dane",R.bool.enforce_dane)) {
+            if (daneVerified()) {
+                Log.d(
+                        Config.LOGTAG,
+                        account.getJid().asBareJid() + ": online with enforced DANE with resource " + account.getResource());
+                changeStatus(Account.State.ONLINE);
+            } else {
+                Log.d(
+                        Config.LOGTAG,
+                        account.getJid().asBareJid() + ": offline with enforced DANE with resource " + account.getResource());
+                changeStatus(Account.State.DANE_FAILED);
+            }
+        } else {
+            Log.d(
+                    Config.LOGTAG,
+                    account.getJid().asBareJid() + ": online with enforced DANE disabled with resource " + account.getResource());
+            changeStatus(Account.State.ONLINE);
+        }
     }
 
     private void processFailed(final Element failed, final boolean sendBindRequest) {
diff --git a/src/main/res/values/defaults.xml b/src/main/res/values/defaults.xml
index 1b894f07b..24abc0c00 100644
--- a/src/main/res/values/defaults.xml
+++ b/src/main/res/values/defaults.xml
@@ -56,4 +56,5 @@
     <bool name="auto_accept_unmetered">true</bool>
     <string name="avatar_shape">oval</string>
     <bool name="show_nav_bar">true</bool>
+    <bool name="enforce_dane">false</bool>
 </resources>
diff --git a/src/main/res/values/strings.xml b/src/main/res/values/strings.xml
index 848876a98..4f65d95f7 100644
--- a/src/main/res/values/strings.xml
+++ b/src/main/res/values/strings.xml
@@ -1076,24 +1076,4 @@
     <string name="welcome_to_monocles_chat">Welcome to monocles chat</string>
     <string name="monocles_chat_intro_description">monocles chat is an app that connects you to a global network called Jabber. This network includes services, called gateways, for chatting with other networks such as SMS, IRC, Matrix, and more.</string>
     <string name="how_the_xmpp_network_works">How the XMPP network works</string>
-
-    <string name="avater_shape_oval">Oval</string>
-    <string name="avater_shape_rounded_square">Rounded Square</string>
-    <string name="avater_shape_square">Square</string>
-    <string name="pref_avatars_shape">Avatars shape</string>
-    <string name="pref_avatar_shape_summary">Allows you to select avatars shape globally</string>
-    <string name="refresh_feature_discovery">Refresh feature discovery</string>
-    <string name="custom_background">Custom background</string>
-    <string name="pref_chat_background_summary">Choose an own image file as chat background.</string>
-    <string name="delete_background">Remove chat background</string>
-    <string name="pref_delete_background_summary">Remove your custom background image from the chat</string>
-    <string name="create_background_failed">Failed to create background</string>
-    <string name="custom_background_set">Custom background set</string>
-    <string name="delete_background_failed">Couldn\'t remove background image</string>
-    <string name="delete_background_success">Background image removed</string>
-    <string name="no_background_set">No custom background set</string>
-    <string name="pref_show_navigation_bar">Show navigation bar</string>
-    <string name="pref_show_navigation_bar_summary">Use alternative navigation way via navigation bar on the bottom of the screen</string>
-    <string name="chats">Chats</string>
-    <string name="accounts">Accounts</string>
 </resources>
diff --git a/src/main/res/xml/preferences_security.xml b/src/main/res/xml/preferences_security.xml
index 2ca87b504..1704b7f88 100644
--- a/src/main/res/xml/preferences_security.xml
+++ b/src/main/res/xml/preferences_security.xml
@@ -18,6 +18,11 @@
 
     </PreferenceCategory>
     <PreferenceCategory android:title="@string/pref_category_server_connection">
+        <SwitchPreferenceCompat
+            android:defaultValue="@bool/enforce_dane"
+            android:key="enforce_dane"
+            android:summary="@string/pref_enforce_dane_summary"
+            android:title="@string/pref_enforce_dane" />
         <SwitchPreferenceCompat
             android:defaultValue="@bool/trust_system_ca_store"
             android:icon="@drawable/ic_assured_workload_24dp"
diff --git a/src/monocleschat/res/values-de/strings.xml b/src/monocleschat/res/values-de/strings.xml
index e1f217512..1ead5a33f 100644
--- a/src/monocleschat/res/values-de/strings.xml
+++ b/src/monocleschat/res/values-de/strings.xml
@@ -1,10 +1,10 @@
 <?xml version="1.0" encoding="utf-8"?>
 <resources>
     <string name="pick_a_server">Wähle deinen XMPP-Provider</string>
-    <string name="use_conversations.im">Benutze conversations.im</string>
+    <string name="use_conversations.im">Benutze monocles</string>
     <string name="create_new_account">Neues Konto erstellen</string>
-    <string name="do_you_have_an_account">Hast du bereits ein XMPP-Konto? Dies kann der Fall sein, wenn du bereits einen anderen XMPP-Client verwendest oder bereits Conversations verwendet hast. Wenn nicht, kannst du jetzt ein neues XMPP-Konto erstellen.\nTipp: Einige E-Mail-Anbieter bieten auch XMPP-Konten an.</string>
-    <string name="server_select_text">XMPP ist ein anbieterunabhängiges Instant Messaging Netzwerk. Du kannst diesen Client mit jedem beliebigen XMPP-Server nutzen.\nUm es dir leicht zu machen, haben wir die Möglichkeit geschaffen, ein Konto auf conversations.im¹ anzulegen; ein Anbieter, der speziell für die Verwendung mit Conversations geeignet ist.</string>
+    <string name="do_you_have_an_account">Hast du bereits ein XMPP-Konto? Dies kann der Fall sein, wenn du bereits einen anderen XMPP-Client verwendest oder bereits monocles chat verwendet hast. Wenn nicht, kannst du jetzt ein neues XMPP-Konto erstellen.\nTipp: Einige E-Mail-Anbieter bieten auch XMPP-Konten an.</string>
+    <string name="server_select_text">XMPP ist ein anbieterunabhängiges Instant Messaging Netzwerk. Du kannst diesen Client mit jedem beliebigen XMPP-Server nutzen.\nUm es dir leicht zu machen, haben wir die Möglichkeit geschaffen, ein Konto auf monocles.eu¹ anzulegen; ein Anbieter, der speziell für die Verwendung mit monocles chat geeignet ist.</string>
     <string name="magic_create_text_on_x">Du wurdest zu %1$s eingeladen. Wir führen dich durch den Prozess der Kontoerstellung.\nWenn du %1$s als Provider wählst, kannst du mit Nutzern anderer Anbieter kommunizieren, indem du ihnen deine vollständige XMPP-Adresse gibst.</string>
     <string name="magic_create_text_fixed">Du wurdest zu %1$seingeladen. Ein Benutzername ist bereits für dich ausgewählt worden. Wir führen dich durch den Prozess der Kontoerstellung.\nDu kannst mit Nutzern anderer Anbieter kommunizieren, indem du ihnen deine vollständige XMPP-Adresse gibst.</string>
     <string name="your_server_invitation">Deine Einladung für den Server</string>
@@ -13,4 +13,7 @@
     <string name="if_contact_is_nearby_use_qr">Wenn dein Kontakt in der Nähe ist, kann er auch den untenstehenden Code einscannen, um deine Einladung anzunehmen.</string>
     <string name="easy_invite_share_text">Komme zu %1$s und chatte mit mir: %2$s</string>
     <string name="share_invite_with">Einladung teilen mit…</string>
+
+    <string name="pref_enforce_dane_summary">Erlaube Verbindungen nur bei erfolgreicher DANE verifizierung</string>
+    <string name="pref_enforce_dane">DANE erwzingen</string>
 </resources>
\ No newline at end of file
diff --git a/src/monocleschat/res/values/strings.xml b/src/monocleschat/res/values/strings.xml
index 8920b6a31..0b8fb0972 100644
--- a/src/monocleschat/res/values/strings.xml
+++ b/src/monocleschat/res/values/strings.xml
@@ -48,4 +48,27 @@
     <string name="block_inviter">Block inviter</string>
     <string name="add_bookmark">Add Chat</string>
     <string name="received_invite_from_stranger">Received invite from stranger</string>
+
+    <string name="avater_shape_oval">Oval</string>
+    <string name="avater_shape_rounded_square">Rounded Square</string>
+    <string name="avater_shape_square">Square</string>
+    <string name="pref_avatars_shape">Avatars shape</string>
+    <string name="pref_avatar_shape_summary">Allows you to select avatars shape globally</string>
+    <string name="refresh_feature_discovery">Refresh feature discovery</string>
+    <string name="custom_background">Custom background</string>
+    <string name="pref_chat_background_summary">Choose an own image file as chat background.</string>
+    <string name="delete_background">Remove chat background</string>
+    <string name="pref_delete_background_summary">Remove your custom background image from the chat</string>
+    <string name="create_background_failed">Failed to create background</string>
+    <string name="custom_background_set">Custom background set</string>
+    <string name="delete_background_failed">Couldn\'t remove background image</string>
+    <string name="delete_background_success">Background image removed</string>
+    <string name="no_background_set">No custom background set</string>
+    <string name="pref_show_navigation_bar">Show navigation bar</string>
+    <string name="pref_show_navigation_bar_summary">Use alternative navigation way via navigation bar on the bottom of the screen</string>
+    <string name="chats">Chats</string>
+    <string name="accounts">Accounts</string>
+    <string name="pref_enforce_dane_summary">Only connect an account when successfully verified DANE</string>
+    <string name="pref_enforce_dane">Enforce DANE</string>
+    <string name="dane_failed">DANE failed</string>
 </resources>