You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by ba...@apache.org on 2006/01/10 00:56:43 UTC
svn commit: r367427 - in /james/server/trunk/src:
java/org/apache/james/smtpserver/RcptCmdHandler.java
test/org/apache/james/smtpserver/SMTPServerTest.java
Author: bago
Date: Mon Jan 9 15:56:32 2006
New Revision: 367427
URL: http://svn.apache.org/viewcvs?rev=367427&view=rev
Log:
Temporary fix for NPE if AUTH is used with empty sender (JAMES-434 and related test)
Modified:
james/server/trunk/src/java/org/apache/james/smtpserver/RcptCmdHandler.java
james/server/trunk/src/test/org/apache/james/smtpserver/SMTPServerTest.java
Modified: james/server/trunk/src/java/org/apache/james/smtpserver/RcptCmdHandler.java
URL: http://svn.apache.org/viewcvs/james/server/trunk/src/java/org/apache/james/smtpserver/RcptCmdHandler.java?rev=367427&r1=367426&r2=367427&view=diff
==============================================================================
--- james/server/trunk/src/java/org/apache/james/smtpserver/RcptCmdHandler.java (original)
+++ james/server/trunk/src/java/org/apache/james/smtpserver/RcptCmdHandler.java Mon Jan 9 15:56:32 2006
@@ -158,7 +158,7 @@
String authUser = (session.getUser()).toLowerCase(Locale.US);
MailAddress senderAddress = (MailAddress) session.getState().get(SENDER);
- if ((!authUser.equals(senderAddress.getUser())) ||
+ if ((senderAddress == null) || (!authUser.equals(senderAddress.getUser())) ||
(!session.getConfigurationData().getMailServer().isLocalServer(senderAddress.getHost()))) {
responseString = "503 "+DSNStatus.getStatus(DSNStatus.PERMANENT,DSNStatus.SECURITY_AUTH)+" Incorrect Authentication for Specified Email Address";
session.writeResponse(responseString);
Modified: james/server/trunk/src/test/org/apache/james/smtpserver/SMTPServerTest.java
URL: http://svn.apache.org/viewcvs/james/server/trunk/src/test/org/apache/james/smtpserver/SMTPServerTest.java?rev=367427&r1=367426&r2=367427&view=diff
==============================================================================
--- james/server/trunk/src/test/org/apache/james/smtpserver/SMTPServerTest.java (original)
+++ james/server/trunk/src/test/org/apache/james/smtpserver/SMTPServerTest.java Mon Jan 9 15:56:32 2006
@@ -295,6 +295,38 @@
assertNotNull("mail received by mail server", m_mailServer.getLastMail());
}
+ public void testAuthWithEmptySender() throws Exception {
+ m_testConfiguration.setAuthorizedAddresses("128.0.0.1/8");
+ m_testConfiguration.setAuthorizingAnnounce();
+ finishSetUp(m_testConfiguration);
+
+ MySMTPProtocol smtpProtocol = new MySMTPProtocol("127.0.0.1", m_smtpListenerPort);
+ smtpProtocol.openPort();
+
+ smtpProtocol.ehlo(InetAddress.getLocalHost());
+
+ String userName = "test_user_smtp";
+ m_usersRepository.addUser(userName, "pwd");
+
+ smtpProtocol.mail(new Address(""));
+
+ try {
+ smtpProtocol.auth("PLAIN", userName, "pwd".toCharArray());
+ } catch (SMTPException e) {
+ e.printStackTrace();
+ fail("authentication failed");
+ }
+
+ try {
+ smtpProtocol.rcpt(new Address("mail@sample.com"));
+ fail("smtpserver allowed an empty sender for an authenticated user");
+ } catch (SMTPException e) {
+ assertEquals("expected error", 503, e.getCode());
+ }
+
+ smtpProtocol.quit();
+ }
+
public void testNoRecepientSpecified() throws Exception, SMTPException {
finishSetUp(m_testConfiguration);
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org