You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ol...@apache.org on 2021/12/03 14:56:30 UTC

[sling-org-apache-sling-commons-messaging-mail] branch master updated: SLING-10965 Support server identity check

This is an automated email from the ASF dual-hosted git repository.

olli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-commons-messaging-mail.git


The following commit(s) were added to refs/heads/master by this push:
     new aa0a1d3  SLING-10965 Support server identity check
aa0a1d3 is described below

commit aa0a1d3cfe042d76a82b543ed0042e85c87973bf
Author: Oliver Lietz <ol...@apache.org>
AuthorDate: Fri Dec 3 15:56:18 2021 +0100

    SLING-10965 Support server identity check
---
 README.md                                                           | 1 +
 .../sling/commons/messaging/mail/internal/SimpleMailService.java    | 3 +++
 .../messaging/mail/internal/SimpleMailServiceConfiguration.java     | 6 ++++++
 .../sling/commons/messaging/mail/it/tests/SimpleMailServiceIT.java  | 2 ++
 4 files changed, 12 insertions(+)

diff --git a/README.md b/README.md
index 0374819..2a5fe7f 100644
--- a/README.md
+++ b/README.md
@@ -89,6 +89,7 @@ An external SMTP server for validating messages with real mail clients can be us
 
     mvn clean install\
       -Dsling.test.mail.smtps.server.external=true\
+      -Dsling.test.mail.smtps.ssl.checkserveridentity=true\
       -Dsling.test.mail.smtps.from=envelope-from@example.org\
       -Dsling.test.mail.smtps.host=localhost\
       -Dsling.test.mail.smtps.port=465\
diff --git a/src/main/java/org/apache/sling/commons/messaging/mail/internal/SimpleMailService.java b/src/main/java/org/apache/sling/commons/messaging/mail/internal/SimpleMailService.java
index f90cd5d..c2221f9 100644
--- a/src/main/java/org/apache/sling/commons/messaging/mail/internal/SimpleMailService.java
+++ b/src/main/java/org/apache/sling/commons/messaging/mail/internal/SimpleMailService.java
@@ -80,6 +80,8 @@ public final class SimpleMailService implements MailService {
 
     private static final String MAIL_SMTPS_FROM = "mail.smtps.from";
 
+    private static final String MAIL_SMTPS_SSL_CHECKSERVERIDENTITY = "mail.smtps.ssl.checkserveridentity";
+
     private static final String MESSAGE_ID_HEADER = "Message-ID";
 
     @Reference(
@@ -159,6 +161,7 @@ public final class SimpleMailService implements MailService {
         threadPool = threadPoolManager.get(configuration.threadpool_name());
 
         final Properties properties = new Properties();
+        properties.setProperty(MAIL_SMTPS_SSL_CHECKSERVERIDENTITY, Boolean.toString(configuration.mail_smtps_ssl_checkserveridentity()));
         final String from = configuration.mail_smtps_from();
         if (Objects.nonNull(from) && !from.isBlank()) {
             properties.setProperty(MAIL_SMTPS_FROM, from.trim());
diff --git a/src/main/java/org/apache/sling/commons/messaging/mail/internal/SimpleMailServiceConfiguration.java b/src/main/java/org/apache/sling/commons/messaging/mail/internal/SimpleMailServiceConfiguration.java
index 42f08f0..7186eb9 100644
--- a/src/main/java/org/apache/sling/commons/messaging/mail/internal/SimpleMailServiceConfiguration.java
+++ b/src/main/java/org/apache/sling/commons/messaging/mail/internal/SimpleMailServiceConfiguration.java
@@ -43,6 +43,12 @@ import org.osgi.service.metatype.annotations.ObjectClassDefinition;
     String threadpool_name() default "default";
 
     @AttributeDefinition(
+        name = "SMTP SSL check server identity",
+        description = "check the server identity as specified by RFC 2595"
+    )
+    boolean mail_smtps_ssl_checkserveridentity() default true;
+
+    @AttributeDefinition(
         name = "SMTP from",
         description = "from address"
     )
diff --git a/src/test/java/org/apache/sling/commons/messaging/mail/it/tests/SimpleMailServiceIT.java b/src/test/java/org/apache/sling/commons/messaging/mail/it/tests/SimpleMailServiceIT.java
index ec66fb7..ff906df 100644
--- a/src/test/java/org/apache/sling/commons/messaging/mail/it/tests/SimpleMailServiceIT.java
+++ b/src/test/java/org/apache/sling/commons/messaging/mail/it/tests/SimpleMailServiceIT.java
@@ -129,6 +129,7 @@ public class SimpleMailServiceIT extends MailTestSupport {
             baseConfiguration(),
             propagateSystemProperties(
                 "sling.test.mail.smtps.server.external",
+                "sling.test.mail.smtps.ssl.checkserveridentity",
                 "sling.test.mail.smtps.from",
                 "sling.test.mail.smtps.host",
                 "sling.test.mail.smtps.port",
@@ -145,6 +146,7 @@ public class SimpleMailServiceIT extends MailTestSupport {
                 .put("host", "localhost")
                 .asOption(),
             factoryConfiguration("org.apache.sling.commons.messaging.mail.internal.SimpleMailService")
+                .put("mail.smtps.ssl.checkserveridentity", local ? "false" : System.getProperty("sling.test.mail.smtps.ssl.checkserveridentity"))
                 .put("mail.smtps.from", local ? "envelope-from@example.org" : System.getProperty("sling.test.mail.smtps.from"))
                 .put("mail.smtps.host", local ? "localhost" : System.getProperty("sling.test.mail.smtps.host"))
                 .put("mail.smtps.port", local ? port : Integer.getInteger("sling.test.mail.smtps.port"))