You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by ad...@apache.org on 2016/11/17 09:38:38 UTC
[8/9] james-project git commit: JAMES-1856 Handle virtual users while
signing
JAMES-1856 Handle virtual users while signing
Project: http://git-wip-us.apache.org/repos/asf/james-project/repo
Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/f3a7becb
Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/f3a7becb
Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/f3a7becb
Branch: refs/heads/master
Commit: f3a7becb9961ce4fc84647638ced66c78fc4cf68
Parents: 015c00e
Author: Benoit Tellier <bt...@linagora.com>
Authored: Mon Nov 14 14:26:04 2016 +0700
Committer: Benoit Tellier <bt...@linagora.com>
Committed: Thu Nov 17 15:26:18 2016 +0700
----------------------------------------------------------------------
.../java/org/apache/mailet/MailAddress.java | 4 +++
mailet/crypto/pom.xml | 9 ++++++
.../james/transport/mailets/AbstractSign.java | 34 ++++++++++++++++----
mailet/pom.xml | 6 ++++
4 files changed, 46 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/james-project/blob/f3a7becb/mailet/api/src/main/java/org/apache/mailet/MailAddress.java
----------------------------------------------------------------------
diff --git a/mailet/api/src/main/java/org/apache/mailet/MailAddress.java b/mailet/api/src/main/java/org/apache/mailet/MailAddress.java
index 1416876..1d426d9 100644
--- a/mailet/api/src/main/java/org/apache/mailet/MailAddress.java
+++ b/mailet/api/src/main/java/org/apache/mailet/MailAddress.java
@@ -270,6 +270,10 @@ public class MailAddress implements java.io.Serializable {
return localPart;
}
+ public String asString() {
+ return localPart + "@" + domain;
+ }
+
@Override
public String toString() {
return localPart + "@" + domain;
http://git-wip-us.apache.org/repos/asf/james-project/blob/f3a7becb/mailet/crypto/pom.xml
----------------------------------------------------------------------
diff --git a/mailet/crypto/pom.xml b/mailet/crypto/pom.xml
index 5ab267d..07ccb08 100644
--- a/mailet/crypto/pom.xml
+++ b/mailet/crypto/pom.xml
@@ -44,6 +44,10 @@
<artifactId>mail</artifactId>
</dependency>
<dependency>
+ <groupId>javax.inject</groupId>
+ <artifactId>javax.inject</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcmail-jdk15on</artifactId>
</dependency>
@@ -51,6 +55,11 @@
<groupId>org.apache.james</groupId>
<artifactId>apache-mailet-base</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.apache.james</groupId>
+ <artifactId>james-server-data-api</artifactId>
+ <version>${project.version}</version>
+ </dependency>
</dependencies>
<build>
http://git-wip-us.apache.org/repos/asf/james-project/blob/f3a7becb/mailet/crypto/src/main/java/org/apache/james/transport/mailets/AbstractSign.java
----------------------------------------------------------------------
diff --git a/mailet/crypto/src/main/java/org/apache/james/transport/mailets/AbstractSign.java b/mailet/crypto/src/main/java/org/apache/james/transport/mailets/AbstractSign.java
index 84f95b6..6f9901b 100644
--- a/mailet/crypto/src/main/java/org/apache/james/transport/mailets/AbstractSign.java
+++ b/mailet/crypto/src/main/java/org/apache/james/transport/mailets/AbstractSign.java
@@ -23,11 +23,14 @@ package org.apache.james.transport.mailets;
import org.apache.james.transport.KeyHolder;
import org.apache.james.transport.SMIMEAttributeNames;
+import org.apache.james.user.api.UsersRepository;
+import org.apache.james.user.api.UsersRepositoryException;
import org.apache.mailet.base.GenericMailet;
import org.apache.mailet.Mail;
import org.apache.mailet.MailAddress;
import org.apache.mailet.base.RFC2822Headers;
+import javax.inject.Inject;
import javax.mail.MessagingException;
import javax.mail.Session;
import javax.mail.internet.InternetAddress;
@@ -40,6 +43,9 @@ import java.io.IOException;
import java.util.Enumeration;
import java.lang.reflect.Constructor;
+import com.google.common.base.Objects;
+import com.google.common.base.Throwables;
+
/**
* <P>Abstract mailet providing common SMIME signature services.
* It can be subclassed to make authoring signing mailets simple.
@@ -142,6 +148,9 @@ public abstract class AbstractSign extends GenericMailet {
* Holds value of property signerName.
*/
private String signerName;
+
+ @Inject
+ private UsersRepository usersRepository;
/**
* Gets the expected init parameters.
@@ -564,20 +573,19 @@ public abstract class AbstractSign extends GenericMailet {
// Is it a bounce?
if (reversePath == null) {
- log("Can not sign : no sender");
+ log("Can not sign: no sender");
return false;
}
String authUser = (String) mail.getAttribute("org.apache.james.SMTPAuthUser");
// was the sender user SMTP authorized?
if (authUser == null) {
- log("Can not sign mail for sender " + mail.getSender() + " as he is not a SMTP authenticated user");
+ log("Can not sign mail for sender <" + mail.getSender() + "> as he is not a SMTP authenticated user");
return false;
}
// The sender is the postmaster?
- if (getMailetContext().getPostmaster() != null &&
- getMailetContext().getPostmaster().equals(reversePath)) {
+ if (Objects.equal(getMailetContext().getPostmaster(), reversePath)) {
// should not sign postmaster sent messages?
if (!isPostmasterSigns()) {
log("Can not sign mails for postmaster");
@@ -585,8 +593,9 @@ public abstract class AbstractSign extends GenericMailet {
}
} else {
// is the reverse-path user different from the SMTP authorized user?
- if (!reversePath.getLocalPart().equals(authUser)) {
- log("SMTP logged in as " + authUser + " but pretend to be sender " + mail.getSender());
+ String username = getUsername(reversePath);
+ if (!username.equals(authUser)) {
+ log("SMTP logged in as <" + authUser + "> but pretend to be sender <" + username + ">");
return false;
}
// is there no "From:" address same as the reverse-path?
@@ -606,7 +615,18 @@ public abstract class AbstractSign extends GenericMailet {
return !isAlreadySigned;
}
-
+
+ private String getUsername(MailAddress mailAddress) {
+ try {
+ if (usersRepository.supportVirtualHosting()) {
+ return mailAddress.asString();
+ }
+ return mailAddress.getLocalPart();
+ } catch (UsersRepositoryException e) {
+ throw Throwables.propagate(e);
+ }
+ }
+
/**
* Creates the {@link javax.mail.internet.MimeBodyPart} that will be signed.
* For example, may attach a text file explaining the meaning of the signature,
http://git-wip-us.apache.org/repos/asf/james-project/blob/f3a7becb/mailet/pom.xml
----------------------------------------------------------------------
diff --git a/mailet/pom.xml b/mailet/pom.xml
index 1183e55..fe212ca 100644
--- a/mailet/pom.xml
+++ b/mailet/pom.xml
@@ -40,6 +40,7 @@
<sourceReleaseAssemblyDescriptor>project</sourceReleaseAssemblyDescriptor>
<plugin.mailetdocs.version>0.1</plugin.mailetdocs.version>
<javax.version>1.4.4</javax.version>
+ <javax.inject.version>1</javax.inject.version>
<junit.version>4.10</junit.version>
<activation.version>1.1.1</activation.version>
<commons-collections.version>3.2.1</commons-collections.version>
@@ -96,6 +97,11 @@
<version>${activation.version}</version>
</dependency>
<dependency>
+ <groupId>javax.inject</groupId>
+ <artifactId>javax.inject</artifactId>
+ <version>${javax.inject.version}</version>
+ </dependency>
+ <dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcmail-jdk15on</artifactId>
<version>1.52</version>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org