You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by no...@apache.org on 2009/09/28 12:29:49 UTC
svn commit: r819490 - in /james/server/trunk:
avalon-socket-library/src/main/java/org/apache/james/socket/
smtpserver-function/src/main/java/org/apache/james/smtpserver/core/esmtp/
Author: norman
Date: Mon Sep 28 10:29:48 2009
New Revision: 819490
URL: http://svn.apache.org/viewvc?rev=819490&view=rev
Log:
move initSTARTLS code to the right place and write STARTTLS response before trying to secure the socket (JAMES-290)
Modified:
james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/AbstractProtocolServer.java
james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/JamesConnectionBridge.java
james/server/trunk/smtpserver-function/src/main/java/org/apache/james/smtpserver/core/esmtp/StartTlsCmdHandler.java
Modified: james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/AbstractProtocolServer.java
URL: http://svn.apache.org/viewvc/james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/AbstractProtocolServer.java?rev=819490&r1=819489&r2=819490&view=diff
==============================================================================
--- james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/AbstractProtocolServer.java (original)
+++ james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/AbstractProtocolServer.java Mon Sep 28 10:29:48 2009
@@ -396,15 +396,14 @@
Configuration tlsConfig = conf.getChild("startTLS");
if (tlsConfig != null) {
useStartTLS = tlsConfig.getAttributeAsBoolean("enable", false);
- System.err.println("config=" + useStartTLS);
-
+
if (useStartTLS) {
keystore = tlsConfig.getChild("keystore").getValue(null);
if (keystore == null) {
throw new ConfigurationException("keystore needs to get configured");
}
secret = tlsConfig.getChild("secret").getValue("");
- loadJCEProviders(conf, getLogger());
+ loadJCEProviders(tlsConfig, getLogger());
}
}
}
@@ -503,10 +502,16 @@
System.out.println(getServiceType() + " Disabled");
return;
}
+
getLogger().debug(getServiceType() + " init...");
prepareInit();
+
+ if (useStartTLS) {
+ initStartTLS();
+ }
+
// keeping these looked up services locally, because they are only needed beyond initialization
ThreadManager threadManager = (ThreadManager) componentManager.lookup(ThreadManager.ROLE);
SocketManager socketManager = (SocketManager) componentManager.lookup(SocketManager.ROLE);
@@ -525,9 +530,6 @@
theWatchdogFactory = getWatchdogFactory();
- if (useStartTLS) {
- initStartTLS();
- }
// Allow subclasses to perform initialisation
doInit();
}
Modified: james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/JamesConnectionBridge.java
URL: http://svn.apache.org/viewvc/james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/JamesConnectionBridge.java?rev=819490&r1=819489&r2=819490&view=diff
==============================================================================
--- james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/JamesConnectionBridge.java (original)
+++ james/server/trunk/avalon-socket-library/src/main/java/org/apache/james/socket/JamesConnectionBridge.java Mon Sep 28 10:29:48 2009
@@ -203,7 +203,8 @@
SSLSocket sslsock = (SSLSocket) factory.createSocket(socket, socket
.getInetAddress().getHostName(), socket.getPort(), true);
sslsock.setUseClientMode(false);
-
+ getLogger().debug("Finished negotiating SSL - algorithm is " +
+ sslsock.getSession().getCipherSuite());
return sslsock;
}
@@ -543,9 +544,11 @@
if (factory == null) {
throw new UnsupportedOperationException("StartTLS not supported");
}
- this.secureEnabled = true;
socket = secureSocket(socket);
+
connectStreams(socket);
+ this.secureEnabled = true;
+
}
}
Modified: james/server/trunk/smtpserver-function/src/main/java/org/apache/james/smtpserver/core/esmtp/StartTlsCmdHandler.java
URL: http://svn.apache.org/viewvc/james/server/trunk/smtpserver-function/src/main/java/org/apache/james/smtpserver/core/esmtp/StartTlsCmdHandler.java?rev=819490&r1=819489&r2=819490&view=diff
==============================================================================
--- james/server/trunk/smtpserver-function/src/main/java/org/apache/james/smtpserver/core/esmtp/StartTlsCmdHandler.java (original)
+++ james/server/trunk/smtpserver-function/src/main/java/org/apache/james/smtpserver/core/esmtp/StartTlsCmdHandler.java Mon Sep 28 10:29:48 2009
@@ -67,16 +67,18 @@
} else {
response = new SMTPResponse("501 "+ DSNStatus.getStatus(DSNStatus.PERMANENT, DSNStatus.DELIVERY_INVALID_ARG) + " Syntax error (no parameters allowed) with STARTTLS command");
}
- }
- try {
- if (!session.isTLSStarted()) {
- session.secure();
- // force reset
- session.resetState();
+ session.writeSMTPResponse(response);
+ try {
+ if (!session.isTLSStarted()) {
+ session.secure();
+ // force reset
+ session.resetState();
+ }
+ } catch (IOException e) {
+ return new SMTPResponse(SMTPRetCode.LOCAL_ERROR,"TLS not available due to temporary reason");
}
- } catch (IOException e) {
- response = new SMTPResponse(SMTPRetCode.LOCAL_ERROR,"Temporary error while trying to start TLS");
}
+
} else {
StringBuilder result = new StringBuilder();
result.append(DSNStatus.getStatus(DSNStatus.PERMANENT, DSNStatus.DELIVERY_INVALID_CMD))
@@ -85,7 +87,7 @@
.append(" unrecognized.");
response = new SMTPResponse(SMTPRetCode.SYNTAX_ERROR_COMMAND_UNRECOGNIZED, result);
}
- return response;
+ return null;
}
/**
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org