Author: norman
Date: Mon Sep 28 10:29:48 2009
New Revision: 819490
URL: http://svn.apache.org/viewvc?rev=819490&view=rev
Log:
Move the initStartTLS code to the right place and write the STARTTLS response before
trying to secure the socket (JAMES-290)
Modified:
james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/AbstractProtocolServer.java
james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/JamesConnectionBridge.java
james/server/trunk/smtpserver-function/src/main/java/org/apache/james/smtpserver/core/esmtp/StartTlsCmdHandler.java
Modified:
james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/AbstractProtocolServer.java
URL:
http://svn.apache.org/viewvc/james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/AbstractProtocolServer.java?rev=819490&r1=819489&r2=819490&view=diff
==============================================================================
---
james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/AbstractProtocolServer.java
(original)
+++
james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/AbstractProtocolServer.java
Mon Sep 28 10:29:48 2009
@@ -396,15 +396,14 @@
Configuration tlsConfig = conf.getChild("startTLS");
if (tlsConfig != null) {
useStartTLS = tlsConfig.getAttributeAsBoolean("enable",
false);
- System.err.println("config=" + useStartTLS);
-
+
if (useStartTLS) {
keystore =
tlsConfig.getChild("keystore").getValue(null);
if (keystore == null) {
throw new
ConfigurationException("keystore needs to get configured");
}
secret =
tlsConfig.getChild("secret").getValue("");
- loadJCEProviders(conf, getLogger());
+ loadJCEProviders(tlsConfig, getLogger());
}
}
}
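Review bot: The keystore password falls back to an empty string without any check: `secret = tlsConfig.getChild("secret").getValue("")` has no counterpart to the `keystore == null` test just above it, so a missing or misspelled `secret` element is only noticed later, when the keystore is opened outside this hunk. If an empty password is not meant to be supported, read it with `getValue(null)` and throw a `ConfigurationException` the same way; if it is, a warning in the log would make the case visible. Since `loadJCEProviders` now reads from `tlsConfig`, a short comment such as `// JCE providers are configured inside the startTLS element` would record where the provider configuration is expected. The enclosing method starts outside the hunk.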
@@ -503,10 +502,16 @@
System.out.println(getServiceType() + " Disabled");
return;
}
+
getLogger().debug(getServiceType() + " init...");
prepareInit();
+
+ if (useStartTLS) {
+ initStartTLS();
+ }
+
// keeping these looked up services locally, because they are only
needed beyond initialization
ThreadManager threadManager = (ThreadManager)
componentManager.lookup(ThreadManager.ROLE);
SocketManager socketManager = (SocketManager)
componentManager.lookup(SocketManager.ROLE);
@@ -525,9 +530,6 @@
theWatchdogFactory = getWatchdogFactory();
- if (useStartTLS) {
- initStartTLS();
- }
// Allow subclasses to perform initialisation
doInit();
}
Modified:
james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/JamesConnectionBridge.java
URL:
http://svn.apache.org/viewvc/james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/JamesConnectionBridge.java?rev=819490&r1=819489&r2=819490&view=diff
==============================================================================
---
james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/JamesConnectionBridge.java
(original)
+++
james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/JamesConnectionBridge.java
Mon Sep 28 10:29:48 2009
@@ -203,7 +203,8 @@
SSLSocket sslsock = (SSLSocket) factory.createSocket(socket,
socket
.getInetAddress().getHostName(),
socket.getPort(), true);
sslsock.setUseClientMode(false);
-
+ getLogger().debug("Finished negotiating SSL - algorithm is " +
+ sslsock.getSession().getCipherSuite());
return sslsock;
}
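Review bot: The handshake is started as a side effect of the debug message: `sslsock.getSession()` blocks until negotiation completes and, on failure, returns an invalid session (cipher suite `SSL_NULL_WITH_NULL_NULL`) instead of throwing, so a failed negotiation is logged as finished and the socket is still returned. Calling `sslsock.startHandshake();` explicitly before the log line makes a failure surface as an `IOException` at this point. The message is also built whether or not debug logging is on; wrapping it in `if (getLogger().isDebugEnabled())` avoids that once the handshake no longer depends on it. The method's signature is outside the hunk, so whether it declares `IOException` needs checking.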
@@ -543,9 +544,11 @@
if (factory == null) {
throw new UnsupportedOperationException("StartTLS not
supported");
}
- this.secureEnabled = true;
socket = secureSocket(socket);
+
connectStreams(socket);
+ this.secureEnabled = true;
+
}
}
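Review bot: A failure in `secureSocket(socket)` or `connectStreams(socket)` leaves the connection half-switched: the `socket` field may already point at the TLS socket while the streams and `secureEnabled` still describe the plaintext state, and nothing in the visible lines closes or restores it. It is also worth confirming that `connectStreams` (outside the hunk) builds fresh readers on the TLS socket and discards any input buffered before the handshake, so that bytes received in plaintext are not later handled as if they had arrived over TLS. A comment such as `// streams are rebuilt on the TLS socket; input buffered before the handshake must not be carried over` would document that requirement. The enclosing method starts outside the hunk.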
Modified:
james/server/trunk/smtpserver-function/src/main/java/org/apache/james/smtpserver/core/esmtp/StartTlsCmdHandler.java
URL:
http://svn.apache.org/viewvc/james/server/trunk/smtpserver-function/src/main/java/org/apache/james/smtpserver/core/esmtp/StartTlsCmdHandler.java?rev=819490&r1=819489&r2=819490&view=diff
==============================================================================
---
james/server/trunk/smtpserver-function/src/main/java/org/apache/james/smtpserver/core/esmtp/StartTlsCmdHandler.java
(original)
+++
james/server/trunk/smtpserver-function/src/main/java/org/apache/james/smtpserver/core/esmtp/StartTlsCmdHandler.java
Mon Sep 28 10:29:48 2009
@@ -67,16 +67,18 @@
} else {
response = new SMTPResponse("501 "+
DSNStatus.getStatus(DSNStatus.PERMANENT, DSNStatus.DELIVERY_INVALID_ARG) + "
Syntax error (no parameters allowed) with STARTTLS command");
}
- }
- try {
- if (!session.isTLSStarted()) {
- session.secure();
- // force reset
- session.resetState();
+ session.writeSMTPResponse(response);
+ try {
+ if (!session.isTLSStarted()) {
+ session.secure();
+ // force reset
+ session.resetState();
+ }
+ } catch (IOException e) {
+ return new
SMTPResponse(SMTPRetCode.LOCAL_ERROR,"TLS not available due to temporary
reason");
}
- } catch (IOException e) {
- response = new
SMTPResponse(SMTPRetCode.LOCAL_ERROR,"Temporary error while trying to start
TLS");
}
+
} else {
StringBuilder result = new StringBuilder();
result.append(DSNStatus.getStatus(DSNStatus.PERMANENT,
DSNStatus.DELIVERY_INVALID_CMD))
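Review bot: `session.secure()` appears to run even when the command was rejected: the new `session.writeSMTPResponse(response)` and the `try` block follow the whole if/else, so after the 501 syntax-error reply the server would still start a TLS handshake the client is not expecting. The upgrade should be limited to the branch that produced the ready response; that branch is outside the hunk and the indentation is lost in this mail, so the nesting should be checked against the file. In the `catch`, the `IOException` is dropped without being logged, and the returned LOCAL_ERROR reply follows a response that was already written, so the client may see two replies to one command on a socket whose TLS state is unknown. Closing the connection on that path may be the safer outcome.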
@@ -85,7 +87,7 @@
.append(" unrecognized.");
response = new
SMTPResponse(SMTPRetCode.SYNTAX_ERROR_COMMAND_UNRECOGNIZED, result);
}
- return response;
+ return null;
}
/**
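Review bot: With `return null;` the reply built in the `else` branch is never sent: `response = new SMTPResponse(SMTPRetCode.SYNTAX_ERROR_COMMAND_UNRECOGNIZED, result)` is assigned and then discarded, whereas the STARTTLS branch writes its reply itself through `session.writeSMTPResponse(response)`. Either write it in the `else` branch as well, `session.writeSMTPResponse(response);`, or return it on that path only. How the caller treats a `null` return is not visible here and deserves a line in the method's Javadoc.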