upd: Implement the patches for old bug 1288, and bug 1318
authorFelix Dörre <felix@dogcraft.de>
Tue, 2 Dec 2014 09:44:49 +0000 (10:44 +0100)
committerJanis Streib <janis@dogcraft.de>
Wed, 31 Dec 2014 01:36:12 +0000 (02:36 +0100)
src/org/cacert/gigi/email/EmailProvider.java
src/org/cacert/gigi/email/Sendmail.java

index b67c44306e1a8af00dbf01de879ee10779e9d6cc..49a27356061062cc06f2d58f7eaba0dabee0eb5c 100644 (file)
@@ -10,10 +10,13 @@ import java.security.Key;
 import java.security.PrivateKey;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Comparator;
 import java.util.Properties;
 import java.util.regex.Pattern;
 
 import javax.naming.NamingException;
+import javax.net.ssl.SSLSocketFactory;
 
 import org.cacert.gigi.crypto.SMIME;
 import org.cacert.gigi.database.DatabaseConnection;
@@ -75,6 +78,7 @@ public abstract class EmailProvider {
             } catch (NamingException e1) {
                 return "MX lookup for your hostname failed.";
             }
+            sortMX(mxhosts);
 
             for (String host : mxhosts) {
                 host = host.split(" ", 2)[1];
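Review bot: `sortMX(mxhosts)` runs before the loop below validates each record, and sortMX (added further down in this diff) calls `Integer.parseInt` on the first space-separated field. A record whose preference is not numeric therefore raises NumberFormatException here instead of reaching the `"Strange MX records."` return. If the lookup can hand back such entries, wrapping the call keeps the existing error path: `try { sortMX(mxhosts); } catch (NumberFormatException e) { return "Strange MX records."; }`. What the MX lookup returns is outside the hunk, so this depends on its output format.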
@@ -83,37 +87,60 @@ public abstract class EmailProvider {
                 } else {
                     return "Strange MX records.";
                 }
-                try (Socket s = new Socket(host, 25); BufferedReader br = new BufferedReader(new InputStreamReader(s.getInputStream())); PrintWriter pw = new PrintWriter(s.getOutputStream())) {
+                try (Socket s = new Socket(host, 25); BufferedReader br0 = new BufferedReader(new InputStreamReader(s.getInputStream())); PrintWriter pw0 = new PrintWriter(s.getOutputStream())) {
+                    BufferedReader br = br0;
+                    PrintWriter pw = pw0;
                     String line;
-                    while ((line = br.readLine()) != null && line.startsWith("220-")) {
-                    }
-                    if (line == null || !line.startsWith("220")) {
+                    if ( !Sendmail.readSMTPResponse(br, 220)) {
                         continue;
                     }
 
-                    pw.print("HELO www.cacert.org\r\n");
+                    pw.print("EHLO www.cacert.org\r\n");
                     pw.flush();
-
-                    while ((line = br.readLine()) != null && line.startsWith("220")) {
+                    boolean starttls = false;
+                    do {
+                        line = br.readLine();
+                        if (line == null)
+                            break;
+                        starttls |= line.substring(4).equals("STARTTLS");
+                    } while (line.startsWith("250-"));
+                    if (line == null || !line.startsWith("250 ")) {
+                        continue;
                     }
 
-                    if (line == null || !line.startsWith("250")) {
-                        continue;
+                    if (starttls) {
+                        pw.print("STARTTLS\r\n");
+                        pw.flush();
+                        if ( !Sendmail.readSMTPResponse(br, 220)) {
+                            continue;
+                        }
+                        Socket s1 = ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(s, host, 25, true);
+                        br = new BufferedReader(new InputStreamReader(s1.getInputStream()));
+                        pw = new PrintWriter(s1.getOutputStream());
+                        pw.print("EHLO www.cacert.org\r\n");
+                        pw.flush();
+                        if ( !Sendmail.readSMTPResponse(br, 250)) {
+                            continue;
+                        }
                     }
+
                     pw.print("MAIL FROM: <returns@cacert.org>\r\n");
                     pw.flush();
 
-                    line = br.readLine();
-
-                    if (line == null || !line.startsWith("250")) {
+                    if ( !Sendmail.readSMTPResponse(br, 250)) {
                         continue;
                     }
                     pw.print("RCPT TO: <" + address + ">\r\n");
                     pw.flush();
 
-                    line = br.readLine();
+                    if ( !Sendmail.readSMTPResponse(br, 250)) {
+                        continue;
+                    }
                     pw.print("QUIT\r\n");
                     pw.flush();
+                    if ( !Sendmail.readSMTPResponse(br, 221)) {
+                        continue;
+                    }
 
                     GigiPreparedStatement statmt = DatabaseConnection.getInstance().prepare("insert into `emailPinglog` set `when`=NOW(), `email`=?, `result`=?, `uid`=?");
                     statmt.setString(1, address);
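Review bot: `line.substring(4)` in the EHLO loop runs on whatever the remote MX sends, so a reply line shorter than four characters (a bare `250`, say) throws StringIndexOutOfBoundsException instead of taking the `continue` path. Guarding the length and matching the keyword case-insensitively would cover that: `starttls |= line.length() > 4 && line.substring(4).equalsIgnoreCase("STARTTLS");`. Separately, the socket returned by `createSocket(s, host, 25, true)` is used without setting an endpoint identification algorithm, so as far as this hunk shows the certificate is checked against the default trust store but not against `host`. If that is intended for opportunistic TLS, a comment saying so would help. The enclosing method starts and ends outside the hunk, so how the unchecked exception or a handshake failure is handled cannot be confirmed from here.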
@@ -138,4 +165,16 @@ public abstract class EmailProvider {
         return FAIL;
     }
 
+    private static void sortMX(String[] mxhosts) {
+        Arrays.sort(mxhosts, new Comparator<String>() {
+
+            @Override
+            public int compare(String o1, String o2) {
+                int i1 = Integer.parseInt(o1.split(" ")[0]);
+                int i2 = Integer.parseInt(o2.split(" ")[0]);
+                return Integer.compare(i1, i2);
+            }
+        });
+    }
+
 }
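Review bot: sortMX has no comment stating the record format it relies on, although the comparator depends on it by parsing `split(" ")[0]` as an int on both arguments. A short Javadoc would make that contract visible, for example `/** Sorts MX records of the form "<preference> <host>" in place by ascending preference; throws NumberFormatException if a preference is not an integer. */`. Noting the unchecked exception matters because the array appears to come straight from the DNS lookup.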
index 1eb1d914f4750444d0bdf3c47d2d0b66965974fc..008f3c69be986aec9dcc4f36d05cb0b80f04df40 100644 (file)
@@ -29,22 +29,22 @@ public class Sendmail extends EmailProvider {
         Socket smtp = new Socket("localhost", 25);
         PrintWriter out = new PrintWriter(smtp.getOutputStream());
         BufferedReader in = new BufferedReader(new InputStreamReader(smtp.getInputStream()));
-        readResponse(in);
+        readSMTPResponse(in, 220);
         out.print("HELO www.cacert.org\r\n");
         out.flush();
-        readResponse(in);
+        readSMTPResponse(in, 250);
         out.print("MAIL FROM:<returns@cacert.org>\r\n");
         out.flush();
-        readResponse(in);
+        readSMTPResponse(in, 250);
         bits = to.split(",");
         for (String user : bits) {
             out.print("RCPT TO:<" + user.trim() + ">\r\n");
             out.flush();
-            readResponse(in);
+            readSMTPResponse(in, 250);
         }
         out.print("DATA\r\n");
         out.flush();
-        readResponse(in);
+        readSMTPResponse(in, 250);
         out.print("X-Mailer: CAcert.org Website\r\n");
         // if (array_key_exists("REMOTE_ADDR", $_SERVER)) {
         // out.print("X-OriginatingIP: ".$_SERVER["REMOTE_ADDR"]."\r\n");
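Review bot: Every `readSMTPResponse(...)` call in this hunk discards the boolean it now returns, so a rejected HELO, MAIL FROM or RCPT TO goes unnoticed and the method keeps writing commands. The call after `DATA` also expects 250, while a server accepting DATA answers with the intermediate code 354; the mismatch is hidden only because the result is ignored. Suggest checking each result, and after `DATA` using `if (!readSMTPResponse(in, 354)) { smtp.close(); throw new IOException("SMTP server rejected DATA"); }`, with the same pattern for the other steps. The enclosing method begins and ends outside the hunk, so that it declares IOException is assumed from the unguarded calls.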
@@ -87,18 +87,23 @@ public class Sendmail extends EmailProvider {
             smtp.close();
             return;
         }
-        readResponse(in);
+        readSMTPResponse(in, 250);
         out.print("QUIT\n");
         out.flush();
-        readResponse(in);
+        readSMTPResponse(in, 221);
         smtp.close();
     }
 
-    private static void readResponse(BufferedReader in) throws IOException {
+    public static boolean readSMTPResponse(BufferedReader in, int code) throws IOException {
         String line;
-        while ((line = in.readLine()) != null && line.matches("\\d+-")) {
-            System.out.println(line);
+        while ((line = in.readLine()) != null) {
+            if (line.startsWith(code + " ")) {
+                return true;
+            } else if ( !line.startsWith(code + "-")) {
+                return false;
+            }
         }
+        return false;
 
     }