You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@jmeter.apache.org by bu...@apache.org on 2018/08/03 05:06:22 UTC

[Bug 62595] New: SMTPSampler does not allow configuring the SSL/TLS protocols to be used on handshake

https://bz.apache.org/bugzilla/show_bug.cgi?id=62595

            Bug ID: 62595
           Summary: SMTPSampler does not allow configuring the SSL/TLS
                    protocols to be used on handshake
           Product: JMeter
           Version: 4.0
          Hardware: PC
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Main
          Assignee: issues@jmeter.apache.org
          Reporter: felipe.cuozzo@gmail.com
  Target Milestone: ---

Currently the logic on SendMailCommand#prepareMessage method does the
following:


 if (useStartTLS || useSSL) {
    try {
      String allProtocols = StringUtils.join(                  
 SSLContext.getDefault().getSupportedSSLParameters().getProtocols(), " ");
       logger.info("Use ssl/tls protocols for mail: {}", allProtocols);
       props.setProperty("mail." + protocol + ".ssl.protocols", allProtocols);


The default SSLContext will return a list of all supported protocols for the
current JRE, typically "SSLv2Hello TLSv1 TLSv1.1 TLSv1.2"

If for some reason the server does not accept the deprecated SSLv3 protocol
(see https://tools.ietf.org/html/rfc7568) the handshake will fail.

This article describes how to disable SSLv3 (and the SSLv2Hello
pseudo-protocol) 

http://www.oracle.com/technetwork/java/javase/documentation/cve-2014-3566-2342133.html

Which can be done by setting the system property "jdk.tls.client.protocols" at
startup time.

The bug arises because the code is getting the supported not the enabled
protocols.

Expected behavior on the SSL/TLS handshake would be that the SMTPSampler only
used the enabled protocols.

Because the system property changes the settings for the default SSLContext, I
suggest that a new configuration field is added on the GUI panel for the
SMTPSampler that allows to override the list of protocols so one can
specifically set which protocols to be used for the handshake.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 62595] SMTPSampler does not allow configuring the SSL/TLS protocols to be used on handshake

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=62595

--- Comment #4 from Felipe Cuozzo <fe...@gmail.com> ---
Hi Phillipe,

Thank you for the fast turn-around here.

After testing the nightly build I realized I forgot to push a one line change
to the SmtpSampler I had on my local repository.

Please see extra commit on
https://github.com/fcuozzo/jmeter/commit/680f16dd1013d2bc5f1da2b4f1cf5a609e47a9e3

Without that the custom protocols don't actually get set into the
SendEmailCommand so the new behavior does not work.

Thanks for the refactoring and changing to use StringUtils.isEmpty to check if
the String was empty (my bad there, I should have checked what was the common
pattern in the codebase, my previous logic had a NullPointerException bug
lurking in there).

Thanks,
Felipe

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 62595] SMTPSampler does not allow configuring the SSL/TLS protocols to be used on handshake

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=62595

Philippe Mouawad <p....@ubik-ingenierie.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |PatchAvailable
                 CC|                            |p.mouawad@ubik-ingenierie.c
                   |                            |om
           Hardware|PC                          |All

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 62595] SMTPSampler does not allow configuring the SSL/TLS protocols to be used on handshake

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=62595

Felipe Cuozzo <fe...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |felipe.cuozzo@gmail.com

--- Comment #1 from Felipe Cuozzo <fe...@gmail.com> ---
I've a proposed patch on
https://github.com/fcuozzo/jmeter/commit/f7c27b90beb3decacbfc9b19b755954892e829c0

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 62595] SMTPSampler does not allow configuring the SSL/TLS protocols to be used on handshake

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=62595

--- Comment #5 from Felix Schumacher <fe...@internetallee.de> ---
Thanks for the followup.

Could you try the next nightly, if thinks work for you then?

Date: Thu Aug  9 09:19:43 2018
New Revision: 1837704

URL: http://svn.apache.org/viewvc?rev=1837704&view=rev
Log:
Bug 62595 - SMTPSampler does not allow configuring the SSL/TLS protocols to be
used on handshake

Followup to r1837445. Missing the line to actually use the settings for sending
mails. 
Contributed by Felipe Cuozzo

Bugzilla Id: 62595

Modified:
   
jmeter/trunk/src/protocol/mail/org/apache/jmeter/protocol/smtp/sampler/SmtpSampler.java

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 62595] SMTPSampler does not allow configuring the SSL/TLS protocols to be used on handshake

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=62595

Philippe Mouawad <p....@ubik-ingenierie.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |FixedInTrunk
         Resolution|---                         |FIXED
   Target Milestone|---                         |JMETER_4.1
             Status|NEW                         |RESOLVED

--- Comment #2 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
Author: pmouawad
Date: Sat Aug  4 18:46:53 2018
New Revision: 1837445

URL: http://svn.apache.org/viewvc?rev=1837445&view=rev
Log:
Bug 62595 - SMTPSampler does not allow configuring the SSL/TLS protocols to be
used on handshake

Contributed by Felipe Cuozzo
Bugzilla Id: 62595

Modified:
    jmeter/trunk/src/core/org/apache/jmeter/resources/messages.properties
    jmeter/trunk/src/core/org/apache/jmeter/resources/messages_fr.properties
   
jmeter/trunk/src/protocol/mail/org/apache/jmeter/protocol/smtp/sampler/gui/SecuritySettingsPanel.java
   
jmeter/trunk/src/protocol/mail/org/apache/jmeter/protocol/smtp/sampler/protocol/SendMailCommand.java
    jmeter/trunk/xdocs/changes.xml
    jmeter/trunk/xdocs/usermanual/component_reference.xml

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 62595] SMTPSampler does not allow configuring the SSL/TLS protocols to be used on handshake

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=62595

--- Comment #3 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
Thanks for contributing.

This will be available in next JMeter 5.0.

Meanwhile if you can test nightly build after today and give us feedback it
would be nice.
http://jmeter.apache.org/nightly.html
Thanks
Regards

-- 
You are receiving this mail because:
You are the assignee for the bug.