You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@james.apache.org by bt...@apache.org on 2021/04/21 02:14:08 UTC

[james-project] branch master updated: JAMES-3525 verifyIdentity should not fail on null sender

This is an automated email from the ASF dual-hosted git repository.

btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git


The following commit(s) were added to refs/heads/master by this push:
     new b691dad  JAMES-3525 verifyIdentity should not fail on null sender
b691dad is described below

commit b691daddf53f89854d05817faaf44937d7c86a6f
Author: Benoit Tellier <bt...@linagora.com>
AuthorDate: Sat Apr 17 13:04:30 2021 +0700

    JAMES-3525 verifyIdentity should not fail on null sender
    
    Before this patch an unchecked error was specified. SMTP error code 430.
    
    ```
    java.lang.IllegalArgumentException: null
    	at com.google.common.base.Preconditions.checkArgument(Preconditions.java:127)
    	at org.apache.james.protocols.smtp.core.AbstractSenderAuthIdentifyVerificationRcptHook.belongsToLocalDomain(AbstractSenderAuthIdentifyVerificationRcptHook.java:89)
    	at org.apache.james.protocols.smtp.core.AbstractSenderAuthIdentifyVerificationRcptHook.doRcpt(AbstractSenderAuthIdentifyVerificationRcptHook.java:66)
    	at org.apache.james.smtpserver.SenderAuthIdentifyVerificationRcptHook.doRcpt(SenderAuthIdentifyVerificationRcptHook.java:59)
    	at org.apache.james.protocols.smtp.hook.RcptHook.doRcpt(RcptHook.java:77)
    ```
    
    After this patch the sender address is explicitly rejected. Error code 503 & no stacktrace.
---
 ...ractSenderAuthIdentifyVerificationRcptHook.java |  6 ++--
 .../james/smtp/SmtpIdentityVerificationTest.java   | 37 ++++++++++++++++++++++
 .../org/apache/james/utils/SMTPMessageSender.java  | 11 +++++++
 3 files changed, 52 insertions(+), 2 deletions(-)

diff --git a/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java b/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java
index f93176c..758eaa6 100644
--- a/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java
+++ b/protocols/smtp/src/main/java/org/apache/james/protocols/smtp/core/AbstractSenderAuthIdentifyVerificationRcptHook.java
@@ -86,8 +86,10 @@ public abstract class AbstractSenderAuthIdentifyVerificationRcptHook implements
     }
 
     private boolean belongsToLocalDomain(MaybeSender maybeSender) {
-        Preconditions.checkArgument(!maybeSender.isNullSender());
-        return isLocalDomain(maybeSender.get().getDomain());
+        return maybeSender.asOptional()
+            .map(MailAddress::getDomain)
+            .filter(this::isLocalDomain)
+            .isPresent();
     }
 
     /**
diff --git a/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java b/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
index f576aa8..f49abda 100644
--- a/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
+++ b/server/mailet/integration-testing/src/test/java/org/apache/james/smtp/SmtpIdentityVerificationTest.java
@@ -22,6 +22,7 @@ package org.apache.james.smtp;
 import static org.apache.james.mailets.configuration.Constants.DEFAULT_DOMAIN;
 import static org.apache.james.mailets.configuration.Constants.LOCALHOST_IP;
 import static org.apache.james.mailets.configuration.Constants.PASSWORD;
+import static org.assertj.core.api.Assertions.assertThatCode;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 
 import java.io.File;
@@ -90,6 +91,42 @@ class SmtpIdentityVerificationTest {
     }
 
     @Test
+    void verifyIdentityShouldRejectNullSenderWHenAuthenticated(@TempDir File temporaryFolder) throws Exception {
+        createJamesServer(temporaryFolder, SmtpConfiguration.builder()
+            .requireAuthentication()
+            .verifyIdentity());
+
+        assertThatThrownBy(() ->
+            messageSender.connect(LOCALHOST_IP, jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort())
+                .authenticate(USER, PASSWORD)
+                .sendMessageNoSender(USER))
+            .isEqualTo(new SMTPSendingException(SmtpSendingStep.RCPT, "503 5.7.1 Incorrect Authentication for Specified Email Address\n"));
+    }
+
+    @Test
+    void verifyIdentityShouldAcceptNullSenderWhenNotAuthenticated(@TempDir File temporaryFolder) throws Exception {
+        createJamesServer(temporaryFolder, SmtpConfiguration.builder()
+            .verifyIdentity());
+
+        assertThatCode(() ->
+            messageSender.connect(LOCALHOST_IP, jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort())
+                .sendMessageNoSender(USER))
+            .doesNotThrowAnyException();
+    }
+
+    @Test
+    void verifyIdentityShouldAcceptNullSenderWhenAuthenticationRequired(@TempDir File temporaryFolder) throws Exception {
+        createJamesServer(temporaryFolder, SmtpConfiguration.builder()
+            .requireAuthentication()
+            .verifyIdentity());
+
+        assertThatCode(() ->
+            messageSender.connect(LOCALHOST_IP, jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort())
+                .sendMessageNoSender(USER))
+            .doesNotThrowAnyException();
+    }
+
+    @Test
     void rejectUnauthenticatedSendersUsingLocalDomains(@TempDir File temporaryFolder) throws Exception {
         createJamesServer(temporaryFolder, SmtpConfiguration.builder()
             .requireAuthentication()
diff --git a/server/testing/src/main/java/org/apache/james/utils/SMTPMessageSender.java b/server/testing/src/main/java/org/apache/james/utils/SMTPMessageSender.java
index 655023b..d17c2c1 100644
--- a/server/testing/src/main/java/org/apache/james/utils/SMTPMessageSender.java
+++ b/server/testing/src/main/java/org/apache/james/utils/SMTPMessageSender.java
@@ -126,6 +126,17 @@ public class SMTPMessageSender extends ExternalResource implements Closeable, Af
         return this;
     }
 
+    public SMTPMessageSender sendMessageNoSender(String recipient) throws IOException {
+        doHelo();
+        doSetSender("");
+        doAddRcpt(recipient);
+        doData("subject: test\r\n" +
+            "\r\n" +
+            "content\r\n" +
+            ".\r\n");
+        return this;
+    }
+
     public SMTPMessageSender sendMessage(Mail mail) throws MessagingException, IOException {
         String from = mail.getMaybeSender().asString();
         ImmutableList<String> recipients = mail.getRecipients().stream()

---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org