Author: norman Date: Fri Sep 16 10:54:43 2011 New Revision: 1171499 URL: http://svn.apache.org/viewvc?rev=1171499&view=rev Log: Handle STARTTLS correctly by using a special interface for the SMTPStartTlsResponse. See PROTOCOLS-30
Added: james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/StartTlsResponse.java (with props) james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/SMTPStartTLSResponse.java (with props) Modified: james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/TLSSupportedSession.java james/protocols/trunk/impl/src/main/java/org/apache/james/protocols/impl/AbstractSession.java james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/SMTPResponse.java james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/core/esmtp/StartTlsCmdHandler.java Added: james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/StartTlsResponse.java URL: http://svn.apache.org/viewvc/james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/StartTlsResponse.java?rev=1171499&view=auto ============================================================================== --- james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/StartTlsResponse.java (added) +++ james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/StartTlsResponse.java Fri Sep 16 10:54:43 2011 
@@ -0,0 +1,30 @@
+/****************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one *
+ * or more contributor license agreements. See the NOTICE file *
+ * distributed with this work for additional information *
+ * regarding copyright ownership. The ASF licenses this file *
+ * to you under the Apache License, Version 2.0 (the *
+ * "License"); you may not use this file except in compliance *
+ * with the License. You may obtain a copy of the License at *
+ * *
+ * http://www.apache.org/licenses/LICENSE-2.0 *
+ * *
+ * Unless required by applicable law or agreed to in writing, *
+ * software distributed under the License is distributed on an *
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY *
+ * KIND, either express or implied. See the License for the *
+ * specific language governing permissions and limitations *
+ * under the License. *
+ ****************************************************************/
+
+package org.apache.james.protocols.api;
+
+/**
+ * An special sub-type of {@link Response} which makes it possible to detect a response to a STARTTLS request.
+ * + * After writing this response its a MUST to enable STARTTLS before further processing + * + */ +public interface StartTlsResponse extends Response { + +} Propchange: james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/StartTlsResponse.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Modified: james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/TLSSupportedSession.java URL: http://svn.apache.org/viewvc/james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/TLSSupportedSession.java?rev=1171499&r1=1171498&r2=1171499&view=diff ============================================================================== --- james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/TLSSupportedSession.java (original) +++ james/protocols/trunk/api/src/main/java/org/apache/james/protocols/api/TLSSupportedSession.java Fri Sep 16 10:54:43 2011 @@ -20,10 +20,12 @@ package org.apache.james.protocols.api; -import java.io.IOException; /** - * Session which supports TLS + * Session which supports STARTTLS. Implementations of this interface must take special + * care of handling {@link StartTlsResponse}'s. Once such a response was written to the client + * the server MUST take care of start the TLS encryption before do any futher processing + * * * */ 
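Review bot: The Javadoc on `StartTlsResponse` requires TLS to be enabled after the response is written, but it does not say what must happen to input the client sent before the handshake. For a STARTTLS upgrade, plaintext that was already read or buffered when the response goes out has to be discarded; otherwise it would later be handled as if it had arrived over the encrypted channel. I would add a sentence to the contract, for example `Implementations MUST discard any input received before the TLS handshake completes.` The same applies to the class Javadoc of `TLSSupportedSession` changed in the next hunk.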
@@ -58,11 +60,13 @@ public interface TLSSupportedSession ext */ boolean isTLSStarted(); + /** - * Start TLS encryption + * Write the response back to the client. Special care MUST be take to handle {@link StartTlsResponse} instances. + * * - * @throws IOException + * @param response */ - void startTLS() throws IOException; + void writeResponse(Response response); } Modified: james/protocols/trunk/impl/src/main/java/org/apache/james/protocols/impl/AbstractSession.java URL: http://svn.apache.org/viewvc/james/protocols/trunk/impl/src/main/java/org/apache/james/protocols/impl/AbstractSession.java?rev=1171499&r1=1171498&r2=1171499&view=diff ============================================================================== --- james/protocols/trunk/impl/src/main/java/org/apache/james/protocols/impl/AbstractSession.java (original) +++ james/protocols/trunk/impl/src/main/java/org/apache/james/protocols/impl/AbstractSession.java Fri Sep 16 10:54:43 2011 @@ -19,12 +19,12 @@ package org.apache.james.protocols.impl; -import java.io.IOException; import java.net.InetSocketAddress; import javax.net.ssl.SSLEngine; import org.apache.james.protocols.api.Response; +import org.apache.james.protocols.api.StartTlsResponse; import org.apache.james.protocols.api.TLSSupportedSession; import org.jboss.netty.channel.Channel; import org.jboss.netty.channel.ChannelFuture; @@ -118,21 +118,6 @@ public abstract class AbstractSession im } /** - * @see org.apache.james.api.protocol.TLSSupportedSession#startTLS() - */ - public void startTLS() throws IOException { - if (isStartTLSSupported() && isTLSStarted() == false) { - channel.setReadable(false); - SslHandler filter = new SslHandler(engine); - filter.getEngine().setUseClientMode(false); - resetState(); - channel.getPipeline().addFirst("sslHandler", filter); - channel.setReadable(true); - } - - } - - /** * @see org.apache.james.api.protocol.ProtocolSession#getLogger() */ public Logger getLogger() { 
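Review bot: The Javadoc for the new `writeResponse(Response)` leaves `@param response` empty and only says that "special care" is needed, while the removed `startTLS() throws IOException` was the only way a caller could learn that TLS could not be started. I would document both the parameter and the failure behaviour, e.g. `@param response the response to write; for a {@link StartTlsResponse} the implementation must start TLS after writing it, or close the connection if it cannot`. Removing `startTLS()` from the interface also breaks any implementation that lives outside this commit; whether such implementations exist cannot be seen from the diff.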
@@ -153,6 +138,16 @@ public abstract class AbstractSession im if (response.isEndSession()) { // close the channel if needed after the message was written out cf.addListener(ChannelFutureListener.CLOSE); + } + if (response instanceof StartTlsResponse) { + if (isStartTLSSupported()) { + channel.setReadable(false); + SslHandler filter = new SslHandler(engine); + filter.getEngine().setUseClientMode(false); + resetState(); + channel.getPipeline().addFirst("sslHandler", filter); + channel.setReadable(true); + } } } } Modified: james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/SMTPResponse.java URL: http://svn.apache.org/viewvc/james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/SMTPResponse.java?rev=1171499&r1=1171498&r2=1171499&view=diff ============================================================================== --- james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/SMTPResponse.java (original) +++ james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/SMTPResponse.java Fri Sep 16 10:54:43 2011 @@ -27,7 +27,7 @@ import org.apache.james.protocols.api.Re /** * Contains an SMTP result */ -public final class SMTPResponse implements RetCodeResponse { +public class SMTPResponse implements RetCodeResponse { private String retCode = null; private List<CharSequence> lines = null; Added: james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/SMTPStartTLSResponse.java URL: http://svn.apache.org/viewvc/james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/SMTPStartTLSResponse.java?rev=1171499&view=auto ============================================================================== --- james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/SMTPStartTLSResponse.java (added) +++ james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/SMTPStartTLSResponse.java Fri Sep 16 10:54:43 2011 
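Review bot: The upgrade branch added after the write checks only `isStartTLSSupported()`, whereas the removed `startTLS()` also required `isTLSStarted() == false`, so a `StartTlsResponse` written on a session that already runs TLS would try to add a second `"sslHandler"` to the pipeline. When `isStartTLSSupported()` is false the branch does nothing although the reply announcing TLS has already been written, which leaves the server in plaintext while the client begins a handshake. I would restore the guard and fail closed in the other case, as in the excerpt below. `resetState()` clears session state, but nothing visible here discards input read before `setReadable(false)`; whether a decoder in the pipeline still holds such bytes cannot be judged from the hunk. The enclosing method starts outside the hunk.

```java
if (response instanceof StartTlsResponse) {
    if (isStartTLSSupported() && !isTLSStarted()) {
        // … unchanged: setReadable(false), SslHandler setup, resetState(), addFirst("sslHandler", …), setReadable(true) …
    } else {
        // The client was told TLS would start; do not continue in plaintext.
        cf.addListener(ChannelFutureListener.CLOSE);
    }
}
```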
@@ -0,0 +1,40 @@
+/****************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one *
+ * or more contributor license agreements. See the NOTICE file *
+ * distributed with this work for additional information *
+ * regarding copyright ownership. The ASF licenses this file *
+ * to you under the Apache License, Version 2.0 (the *
+ * "License"); you may not use this file except in compliance *
+ * with the License. You may obtain a copy of the License at *
+ * *
+ * http://www.apache.org/licenses/LICENSE-2.0 *
+ * *
+ * Unless required by applicable law or agreed to in writing, *
+ * software distributed under the License is distributed on an *
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY *
+ * KIND, either express or implied. See the License for the *
+ * specific language governing permissions and limitations *
+ * under the License. *
+ ****************************************************************/
+
+package org.apache.james.protocols.smtp;
+
+import org.apache.james.protocols.api.StartTlsResponse;
+
+
+/**
+ * This {@link SMTPResponse} should only be used once you want to start tls after the {@link SMTPResponse} was written to the client
+ *
+ *
+ */
+public class SMTPStartTLSResponse extends SMTPResponse implements StartTlsResponse{
+
+ public SMTPStartTLSResponse(String code, CharSequence description) {
+ super(code, description);
+ }
+
+ public SMTPStartTLSResponse(String rawLine) {
+ super(rawLine);
+ }
+
+}
Propchange: james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/SMTPStartTLSResponse.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Modified: james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/core/esmtp/StartTlsCmdHandler.java URL: 
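Review bot: Both constructors of `SMTPStartTLSResponse` accept any return code or raw line, yet the session starts TLS purely on the type (`instanceof StartTlsResponse` in AbstractSession), so an instance built with an error code would still trigger the upgrade. The class Javadoc should state that restriction, for example `Writing this response causes the session to start TLS; use it only for the 220 reply to STARTTLS.` The `String rawLine` constructor has no caller in this commit and could be left out until one exists. `SMTPResponse` loses `final` in the preceding hunk only to allow this subclass, so a Javadoc line there saying the class is not otherwise designed for extension would help.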
http://svn.apache.org/viewvc/james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/core/esmtp/StartTlsCmdHandler.java?rev=1171499&r1=1171498&r2=1171499&view=diff ============================================================================== --- james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/core/esmtp/StartTlsCmdHandler.java (original) +++ james/protocols/trunk/smtp/src/main/java/org/apache/james/protocols/smtp/core/esmtp/StartTlsCmdHandler.java Fri Sep 16 10:54:43 2011 @@ -19,7 +19,6 @@ package org.apache.james.protocols.smtp.core.esmtp; -import java.io.IOException; import java.util.ArrayList; import java.util.Collection; import java.util.List; @@ -30,6 +29,7 @@ import org.apache.james.protocols.api.Re import org.apache.james.protocols.smtp.SMTPResponse; import org.apache.james.protocols.smtp.SMTPRetCode; import org.apache.james.protocols.smtp.SMTPSession; +import org.apache.james.protocols.smtp.SMTPStartTLSResponse; import org.apache.james.protocols.smtp.dsn.DSNStatus; /** @@ -65,21 +65,12 @@ public class StartTlsCmdHandler implemen } else { SMTPResponse response; if ((parameters == null) || (parameters.length() == 0)) { - response = new SMTPResponse("220", DSNStatus.getStatus(DSNStatus.SUCCESS, DSNStatus.UNDEFINED_STATUS) + " Ready to start TLS"); + response = new SMTPStartTLSResponse("220", DSNStatus.getStatus(DSNStatus.SUCCESS, DSNStatus.UNDEFINED_STATUS) + " Ready to start TLS"); } else { response = new SMTPResponse("501 " + DSNStatus.getStatus(DSNStatus.PERMANENT, DSNStatus.DELIVERY_INVALID_ARG) + " Syntax error (no parameters allowed) with STARTTLS command"); } - session.writeResponse(response); - try { - if (!session.isTLSStarted()) { - session.startTLS(); - // force reset - session.resetState(); - } - - } catch (IOException e) { - return new SMTPResponse(SMTPRetCode.LOCAL_ERROR, "TLS not available due to temporary reason"); - } + return response; + } } else { 
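Review bot: In the 220 branch the TLS upgrade now depends entirely on the runtime type of the returned object, but the variable is still declared as `SMTPResponse` and nothing at this site says why the subtype matters. A short comment would keep it from being changed back, e.g. `// must be an SMTPStartTLSResponse: the session starts TLS only for StartTlsResponse instances`. The removed `catch (IOException e)` was the only place that reported a failure to start TLS to the client as `SMTPRetCode.LOCAL_ERROR`; after this change the handler no longer reports such a failure. The enclosing method starts and ends outside the hunk.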
@@ -88,7 +79,6 @@ public class StartTlsCmdHandler implemen SMTPResponse response = new SMTPResponse(SMTPRetCode.SYNTAX_ERROR_COMMAND_UNRECOGNIZED, result); return response; } - return null; } /** --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org