X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Femail%2FEmailProvider.java;h=6834d461d0060c850438491de3c5246995c4f2a9;hp=918d7da34a4caed5f5fec3cf5053a5720647972d;hb=680b03f826182ea5d743b9fa6bc4b5b16e001e10;hpb=5fd49eb7182b2522ee36be1f413f85271a20766c

diff --git a/src/org/cacert/gigi/email/EmailProvider.java b/src/org/cacert/gigi/email/EmailProvider.java
index 918d7da3..6834d461 100644
--- a/src/org/cacert/gigi/email/EmailProvider.java
+++ b/src/org/cacert/gigi/email/EmailProvider.java
@@ -3,6 +3,7 @@ package org.cacert.gigi.email;
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStreamReader;
+import java.io.OutputStreamWriter;
 import java.io.PrintWriter;
 import java.net.Socket;
 import java.security.GeneralSecurityException;
@@ -19,13 +20,13 @@ import javax.naming.NamingException;
 import javax.net.ssl.SSLSocketFactory;
 
 import org.cacert.gigi.crypto.SMIME;
-import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.database.GigiPreparedStatement;
 import org.cacert.gigi.util.DNSUtil;
+import org.cacert.gigi.util.DomainAssessment;
 
 public abstract class EmailProvider {
 
-    public abstract void sendmail(String to, String subject, String message, String from, String replyto, String toname, String fromname, String errorsto, boolean extra) throws IOException;
+    public abstract void sendMail(String to, String subject, String message, String replyto, String toname, String fromname, String errorsto, boolean extra) throws IOException;
 
     private static EmailProvider instance;
 
@@ -33,13 +34,19 @@ public abstract class EmailProvider {
 
     private PrivateKey k;
 
-    protected final void init(Certificate c, Key k) {
+    protected void init(Certificate c, Key k) {
         this.c = (X509Certificate) c;
         this.k = (PrivateKey) k;
     }
 
     protected final void sendSigned(String contents, PrintWriter output) throws IOException, GeneralSecurityException {
-        SMIME.smime(contents, k, c, output);
+        if (k == null || c == null) {
+            output.println("Content-Transfer-Encoding: base64");
+            output.println();
+            output.print(contents);
+        } else {
+            SMIME.smime(contents, k, c, output);
+        }
     }
 
     public static EmailProvider getInstance() {
@@ -65,10 +72,20 @@ public abstract class EmailProvider {
 
     public static final String FAIL = "FAIL";
 
-    public static final Pattern MAIL = Pattern.compile("^([a-zA-Z0-9])+([a-zA-Z0-9\\+\\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\\._-]+)+$");
+    private static final String MAIL_P_RFC_WORD = "[A-Za-z0-9\\+\\.!#$%&'*/=?^_`|~{}-]+";
+
+    private static final String MAIL_P_RFC_LOCAL = MAIL_P_RFC_WORD + "(?:\\." + MAIL_P_RFC_WORD + ")*";
+
+    private static final String MAIL_P_RFC_LABEL = "(?!(?!xn)..--|-)(?:[A-Za-z0-9-]+)(?<!-)";
+
+    private static final String MAIL_P_RFC_ADDRESS = MAIL_P_RFC_LOCAL + "@(?:" + MAIL_P_RFC_LABEL + "\\.)+" + MAIL_P_RFC_LABEL + "\\.?";
+
+    private static final Pattern MAIL_LOCAL = Pattern.compile("^" + MAIL_P_RFC_LOCAL + "$");
+
+    private static final Pattern MAIL_ADDRESS = Pattern.compile("^" + MAIL_P_RFC_ADDRESS + "$");
 
     public String checkEmailServer(int forUid, String address) throws IOException {
-        if (MAIL.matcher(address).matches()) {
+        if (isValidMailAddress(address)) {
             String[] parts = address.split("@", 2);
             String domain = parts[1];
 
@@ -87,11 +104,13 @@ public abstract class EmailProvider {
                 } else {
                     return "Strange MX records.";
                 }
-                try (Socket s = new Socket(host, 25); BufferedReader br0 = new BufferedReader(new InputStreamReader(s.getInputStream(), "UTF-8")); PrintWriter pw0 = new PrintWriter(s.getOutputStream())) {
+                try (Socket s = new Socket(host, 25);
+                        BufferedReader br0 = new BufferedReader(new InputStreamReader(s.getInputStream(), "UTF-8"));//
+                        PrintWriter pw0 = new PrintWriter(new OutputStreamWriter(s.getOutputStream(), "UTF-8"))) {
                     BufferedReader br = br0;
                     PrintWriter pw = pw0;
                     String line;
-                    if ( !Sendmail.readSMTPResponse(br, 220)) {
+                    if ( !SendMail.readSMTPResponse(br, 220)) {
                         continue;
                     }
 
@@ -112,15 +131,15 @@ public abstract class EmailProvider {
                     if (starttls) {
                         pw.print("STARTTLS\r\n");
                         pw.flush();
-                        if ( !Sendmail.readSMTPResponse(br, 220)) {
+                        if ( !SendMail.readSMTPResponse(br, 220)) {
                             continue;
                         }
                         Socket s1 = ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(s, host, 25, true);
                         br = new BufferedReader(new InputStreamReader(s1.getInputStream(), "UTF-8"));
-                        pw = new PrintWriter(s1.getOutputStream());
+                        pw = new PrintWriter(new OutputStreamWriter(s1.getOutputStream(), "UTF-8"));
                         pw.print("EHLO www.cacert.org\r\n");
                         pw.flush();
-                        if ( !Sendmail.readSMTPResponse(br, 250)) {
+                        if ( !SendMail.readSMTPResponse(br, 250)) {
                             continue;
                         }
                     }
@@ -128,26 +147,28 @@ public abstract class EmailProvider {
                     pw.print("MAIL FROM: <returns@cacert.org>\r\n");
                     pw.flush();
 
-                    if ( !Sendmail.readSMTPResponse(br, 250)) {
+                    if ( !SendMail.readSMTPResponse(br, 250)) {
                         continue;
                     }
                     pw.print("RCPT TO: <" + address + ">\r\n");
                     pw.flush();
 
-                    if ( !Sendmail.readSMTPResponse(br, 250)) {
+                    if ( !SendMail.readSMTPResponse(br, 250)) {
                         continue;
                     }
                     pw.print("QUIT\r\n");
                     pw.flush();
-                    if ( !Sendmail.readSMTPResponse(br, 221)) {
+                    if ( !SendMail.readSMTPResponse(br, 221)) {
                         continue;
                     }
 
-                    GigiPreparedStatement statmt = DatabaseConnection.getInstance().prepare("insert into `emailPinglog` set `when`=NOW(), `email`=?, `result`=?, `uid`=?");
-                    statmt.setString(1, address);
-                    statmt.setString(2, line);
-                    statmt.setInt(3, forUid);
-                    statmt.execute();
+                    try (GigiPreparedStatement statmt = new GigiPreparedStatement("INSERT INTO `emailPinglog` SET `when`=NOW(), `email`=?, `result`=?, `uid`=?, `type`='fast', `status`=?::`pingState`")) {
+                        statmt.setString(1, address);
+                        statmt.setString(2, line);
+                        statmt.setInt(3, forUid);
+                        statmt.setString(4, "success");
+                        statmt.execute();
+                    }
 
                     if (line == null || !line.startsWith("250")) {
                         return line;
@@ -158,11 +179,13 @@ public abstract class EmailProvider {
 
             }
         }
-        GigiPreparedStatement statmt = DatabaseConnection.getInstance().prepare("insert into `emailPinglog` set `when`=NOW(), `email`=?, `result`=?, `uid`=?");
-        statmt.setString(1, address);
-        statmt.setString(2, "Failed to make a connection to the mail server");
-        statmt.setInt(3, forUid);
-        statmt.execute();
+        try (GigiPreparedStatement statmt = new GigiPreparedStatement("INSERT INTO `emailPinglog` SET `when`=NOW(), `email`=?, `result`=?, `uid`=?, `type`='fast', `status`=?::`pingState`")) {
+            statmt.setString(1, address);
+            statmt.setString(2, "Failed to make a connection to the mail server");
+            statmt.setInt(3, forUid);
+            statmt.setString(4, "failed");
+            statmt.execute();
+        }
         return FAIL;
     }
 
@@ -178,4 +201,27 @@ public abstract class EmailProvider {
         });
     }
 
+    public static boolean isValidMailAddress(String address) {
+        if ( !MAIL_ADDRESS.matcher(address).matches()) {
+            return false;
+        }
+
+        String[] parts = address.split("@", 2);
+
+        String local = parts[0];
+        String domain = parts[1];
+
+        if ( !MAIL_LOCAL.matcher(local).matches()) {
+            return false;
+        }
+
+        for (String domainPart : domain.split("\\.", -1)) {
+            if ( !DomainAssessment.isValidDomainPart(domainPart)) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
 }