Package org.subethamail.smtp.command

Source Code of org.subethamail.smtp.command.StartTLSCommand

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
package org.subethamail.smtp.command;

import java.io.IOException;
import java.net.Socket;
import java.security.cert.Certificate;
import java.util.Locale;

import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.subethamail.smtp.server.BaseCommand;
import org.subethamail.smtp.server.Session;

/**
* @author Michael Wildpaner <mike@wildpaner.com>
* @author Jeff Schnitzer
*/
public class StartTLSCommand extends BaseCommand
{
  private final static Logger log = LoggerFactory.getLogger(StartTLSCommand.class);

  /** */
  public StartTLSCommand()
  {
    super("STARTTLS", "The starttls command");
  }

  /** */
  @Override
  public void execute(String commandString, Session sess) throws IOException
  {
    if (!commandString.trim().toUpperCase(Locale.ENGLISH).equals(this.getName()))
    {
      sess.sendResponse("501 Syntax error (no parameters allowed)");
      return;
    }

    if (!sess.getServer().getEnableTLS())
    {
      sess.sendResponse("454 TLS not supported");
      return;
    }

    try
    {
      Socket socket = sess.getSocket();
      if (socket instanceof SSLSocket)
      {
        sess.sendResponse("454 TLS not available due to temporary reason: TLS already active");
        return;
      }

      sess.sendResponse("220 Ready to start TLS");

      SSLSocket s = sess.getServer().createSSLSocket(socket);
      s.startHandshake();
      log.debug("Cipher suite: " + s.getSession().getCipherSuite());

      sess.setSocket(s);
      sess.resetMessageState(); // clean slate
      sess.setTlsStarted(true);

      if (s.getNeedClientAuth())
      {
        try
        {
          Certificate[] peerCertificates = s.getSession().getPeerCertificates();
          sess.setTlsPeerCertificates(peerCertificates);
        }
        catch (SSLPeerUnverifiedException e)
        {
          // IGNORE, just leave the certificate chain null
        }
      }
    }
    catch (SSLHandshakeException ex)
    {
      // "no cipher suites in common" is common and puts a lot of crap in the logs.
      // This will at least limit it to a single WARN line and not a whole stacktrace.
      // Unfortunately it might catch some other types of SSLHandshakeException (if
      // in fact other types exist), but oh well.
      log.warn("startTLS() failed: " + ex);
    }
    catch (IOException ex)
    {
      log.warn("startTLS() failed: " + ex.getMessage(), ex);
    }
  }
}
TOP

Related Classes of org.subethamail.smtp.command.StartTLSCommand

  • javax.net.ssl.SSLSocketFactory
  • java.net.InetSocketAddress
  • javax.net.ssl.SSLSocket
  • java.net.Socket
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.