[james-project] 06/06: JAMES-3525 verifyIdentity should not fail on null sender

rcordier Mon, 26 Apr 2021 19:53:45 -0700

This is an automated email from the ASF dual-hosted git repository.

rcordier pushed a commit to branch 3.6.x
in repository https://gitbox.apache.org/repos/asf/james-project.git


commit 2b4fa802e3278bdca6bd2ab4a725c8639fb99db1
Author: Benoit Tellier <[email protected]>
AuthorDate: Sat Apr 17 13:04:30 2021 +0700

    JAMES-3525 verifyIdentity should not fail on null sender
    
    Before this patch an unchecked error was specified. SMTP error code 430.
    
    ```
    java.lang.IllegalArgumentException: null
        at 
com.google.common.base.Preconditions.checkArgument(Preconditions.java:127)
        at 
org.apache.james.protocols.smtp.core.AbstractSenderAuthIdentifyVerificationRcptHook.belongsToLocalDomain(AbstractSenderAuthIdentifyVerificationRcptHook.java:89)
        at 
org.apache.james.protocols.smtp.core.AbstractSenderAuthIdentifyVerificationRcptHook.doRcpt(AbstractSenderAuthIdentifyVerificationRcptHook.java:66)
        at 
org.apache.james.smtpserver.SenderAuthIdentifyVerificationRcptHook.doRcpt(SenderAuthIdentifyVerificationRcptHook.java:59)
        at 
org.apache.james.protocols.smtp.hook.RcptHook.doRcpt(RcptHook.java:77)
    ```
    
    After this patch the sender address is explicitly rejected. Error code 503 
& no stacktrace.
---
 ...ractSenderAuthIdentifyVerificationRcptHook.java |  6 ++--
 .../james/smtp/SmtpIdentityVerificationTest.java   | 37 ++++++++++++++++++++++
 .../org/apache/james/utils/SMTPMessageSender.java  | 11 +++++++
 3 files changed, 52 insertions(+), 2 deletions(-)

diff --git 
a/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java
 
b/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java
index f93176c..758eaa6 100644
--- 
a/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java
+++ 
b/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java
@@ -86,8 +86,10 @@ public abstract class 
AbstractSenderAuthIdentifyVerificationRcptHook implements
     }
 
     private boolean belongsToLocalDomain(MaybeSender maybeSender) {
-        Preconditions.checkArgument(!maybeSender.isNullSender());
-        return isLocalDomain(maybeSender.get().getDomain());
+        return maybeSender.asOptional()
+            .map(MailAddress::getDomain)
+            .filter(this::isLocalDomain)
+            .isPresent();
     }
 
     /**
diff --git 
a/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
 
b/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
index f576aa8..f49abda 100644
--- 
a/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
+++ 
b/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
@@ -22,6 +22,7 @@ package org.apache.james.smtp;
 import static org.apache.james.mailets.configuration.Constants.DEFAULT_DOMAIN;
 import static org.apache.james.mailets.configuration.Constants.LOCALHOST_IP;
 import static org.apache.james.mailets.configuration.Constants.PASSWORD;
+import static org.assertj.core.api.Assertions.assertThatCode;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 
 import java.io.File;
@@ -90,6 +91,42 @@ class SmtpIdentityVerificationTest {
     }
 
     @Test
+    void verifyIdentityShouldRejectNullSenderWHenAuthenticated(@TempDir File 
temporaryFolder) throws Exception {
+        createJamesServer(temporaryFolder, SmtpConfiguration.builder()
+            .requireAuthentication()
+            .verifyIdentity());
+
+        assertThatThrownBy(() ->
+            messageSender.connect(LOCALHOST_IP, 
jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort())
+                .authenticate(USER, PASSWORD)
+                .sendMessageNoSender(USER))
+            .isEqualTo(new SMTPSendingException(SmtpSendingStep.RCPT, "503 
5.7.1 Incorrect Authentication for Specified Email Address\n"));
+    }
+
+    @Test
+    void verifyIdentityShouldAcceptNullSenderWhenNotAuthenticated(@TempDir 
File temporaryFolder) throws Exception {
+        createJamesServer(temporaryFolder, SmtpConfiguration.builder()
+            .verifyIdentity());
+
+        assertThatCode(() ->
+            messageSender.connect(LOCALHOST_IP, 
jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort())
+                .sendMessageNoSender(USER))
+            .doesNotThrowAnyException();
+    }
+
+    @Test
+    void 
verifyIdentityShouldAcceptNullSenderWhenAuthenticationRequired(@TempDir File 
temporaryFolder) throws Exception {
+        createJamesServer(temporaryFolder, SmtpConfiguration.builder()
+            .requireAuthentication()
+            .verifyIdentity());
+
+        assertThatCode(() ->
+            messageSender.connect(LOCALHOST_IP, 
jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort())
+                .sendMessageNoSender(USER))
+            .doesNotThrowAnyException();
+    }
+
+    @Test
     void rejectUnauthenticatedSendersUsingLocalDomains(@TempDir File 
temporaryFolder) throws Exception {
         createJamesServer(temporaryFolder, SmtpConfiguration.builder()
             .requireAuthentication()
diff --git 
a/server/testing/src/main/java/org/apache/james/utils/SMTPMessageSender.java 
b/server/testing/src/main/java/org/apache/james/utils/SMTPMessageSender.java
index 655023b..d17c2c1 100644
--- a/server/testing/src/main/java/org/apache/james/utils/SMTPMessageSender.java
+++ b/server/testing/src/main/java/org/apache/james/utils/SMTPMessageSender.java
@@ -126,6 +126,17 @@ public class SMTPMessageSender extends ExternalResource 
implements Closeable, Af
         return this;
     }
 
+    public SMTPMessageSender sendMessageNoSender(String recipient) throws 
IOException {
+        doHelo();
+        doSetSender("");
+        doAddRcpt(recipient);
+        doData("subject: test\r\n" +
+            "\r\n" +
+            "content\r\n" +
+            ".\r\n");
+        return this;
+    }
+
     public SMTPMessageSender sendMessage(Mail mail) throws MessagingException, 
IOException {
         String from = mail.getMaybeSender().asString();
         ImmutableList<String> recipients = mail.getRecipients().stream()

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[james-project] 06/06: JAMES-3525 verifyIdentity should not fail on null sender

Reply via email to