eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
+org.eclipse.jdt.core.compiler.codegen.methodParameters=do not generate
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
+org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
org.eclipse.jdt.core.compiler.compliance=1.7
+org.eclipse.jdt.core.compiler.debug.lineNumber=generate
+org.eclipse.jdt.core.compiler.debug.localVariable=generate
+org.eclipse.jdt.core.compiler.debug.sourceFile=generate
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
org.eclipse.jdt.core.compiler.source=1.7
org.eclipse.jdt.core.formatter.align_type_members_on_columns=false
org.eclipse.jdt.core.formatter.alignment_for_arguments_in_allocation_expression=16
org.eclipse.jdt.core.formatter.brace_position_for_constructor_declaration=end_of_line
org.eclipse.jdt.core.formatter.brace_position_for_enum_constant=end_of_line
org.eclipse.jdt.core.formatter.brace_position_for_enum_declaration=end_of_line
+org.eclipse.jdt.core.formatter.brace_position_for_lambda_body=end_of_line
org.eclipse.jdt.core.formatter.brace_position_for_method_declaration=end_of_line
org.eclipse.jdt.core.formatter.brace_position_for_switch=end_of_line
org.eclipse.jdt.core.formatter.brace_position_for_type_declaration=end_of_line
org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_type=insert
org.eclipse.jdt.core.formatter.insert_new_line_after_label=do not insert
org.eclipse.jdt.core.formatter.insert_new_line_after_opening_brace_in_array_initializer=do not insert
+org.eclipse.jdt.core.formatter.insert_new_line_after_type_annotation=do not insert
org.eclipse.jdt.core.formatter.insert_new_line_at_end_of_file_if_missing=do not insert
org.eclipse.jdt.core.formatter.insert_new_line_before_catch_in_try_statement=do not insert
org.eclipse.jdt.core.formatter.insert_new_line_before_closing_brace_in_array_initializer=do not insert
org.eclipse.jdt.core.formatter.insert_space_after_comma_in_type_arguments=insert
org.eclipse.jdt.core.formatter.insert_space_after_comma_in_type_parameters=insert
org.eclipse.jdt.core.formatter.insert_space_after_ellipsis=insert
+org.eclipse.jdt.core.formatter.insert_space_after_lambda_arrow=insert
org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_parameterized_type_reference=do not insert
org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_type_arguments=do not insert
org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_type_parameters=do not insert
org.eclipse.jdt.core.formatter.insert_space_before_comma_in_type_arguments=do not insert
org.eclipse.jdt.core.formatter.insert_space_before_comma_in_type_parameters=do not insert
org.eclipse.jdt.core.formatter.insert_space_before_ellipsis=do not insert
+org.eclipse.jdt.core.formatter.insert_space_before_lambda_arrow=insert
org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_parameterized_type_reference=do not insert
org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_type_arguments=do not insert
org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_type_parameters=do not insert
eclipse.preferences.version=1
formatter_profile=_cacert-gigi
formatter_settings_version=12
+org.eclipse.jdt.ui.ignorelowercasenames=true
+org.eclipse.jdt.ui.importorder=java;javax;org;com;
+org.eclipse.jdt.ui.ondemandthreshold=99
+org.eclipse.jdt.ui.staticondemandthreshold=1
}
public EmailAddress(String address, User owner) {
+ if (!EmailProvider.MAIL.matcher(address).matches()) {
+ throw new IllegalArgumentException("Invalid email.");
+ }
this.address = address;
this.owner = owner;
this.hash = RandomToken.generateToken(16);
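Review bot: A null `address` reaches `EmailProvider.MAIL.matcher(address)` in the new guard and throws NullPointerException rather than the IllegalArgumentException callers are expected to catch. MailAddForm passes `req.getParameter("newemail")` straight in, which is null when the parameter is absent, and its catch block handles only IllegalArgumentException. Fold the null case into the check: `if (address == null || !EmailProvider.MAIL.matcher(address).matches()) {`. The constructor also has no Javadoc stating that it validates and throws; a short `@throws IllegalArgumentException` line would document the new contract. The constructor body continues outside this hunk.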
e.printStackTrace();
}
}
+
+ public void deleteEmail(EmailAddress mail) {
+ if (getEmail().equals(mail.getAddress())) {
+ throw new IllegalArgumentException("Can't delete user's default e-mail.");
+ }
+ try {
+ PreparedStatement ps = DatabaseConnection.getInstance().prepare("DELETE FROM email WHERE id=?");
+ ps.setInt(1, mail.getId());
+ ps.execute();
+ } catch (SQLException e) {
+ e.printStackTrace();
+ }
+ }
}
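Review bot: Nothing in `deleteEmail` checks that `mail` belongs to this user; the only guard compares its address with the default e-mail, and the statement deletes on `WHERE id=?` alone. The caller in MailManagementForm builds `mail` from request-supplied `delid[]` values through `EmailAddress.getById(...)`. Unless that lookup is scoped to the session user somewhere not visible here, an authenticated user could remove an address owned by a different account. Compare the address's owner with `this` and throw before preparing the statement, or add the owner column to the WHERE clause and check the affected-row count. Separately, `catch (SQLException e)` only prints the trace, so a failed delete returns normally and the form reports success.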
return instance;
}
+ protected static void setInstance(EmailProvider instance) {
+ EmailProvider.instance = instance;
+ }
+
public static void init(Properties conf) {
try {
Class<?> c = Class.forName(conf.getProperty("emailProvider"));
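Review bot: `setInstance` is added without Javadoc. As a `protected static` mutator, it lets any subclass or same-package class replace the process-wide provider that delivers verification mail. If it exists only so the test receiver can install itself, state that on the method, for example `/** Replaces the global provider; intended for test harnesses only. */`, and consider rejecting a null argument so a bad call fails here rather than at the next send. `init` continues outside this hunk.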
import org.cacert.gigi.EmailAddress;
import org.cacert.gigi.Language;
import org.cacert.gigi.User;
-import org.cacert.gigi.email.EmailProvider;
import org.cacert.gigi.output.Form;
import org.cacert.gigi.output.template.Template;
import org.cacert.gigi.pages.Page;
@Override
public boolean submit(PrintWriter out, HttpServletRequest req) {
String formMail = req.getParameter("newemail");
- if (!EmailProvider.MAIL.matcher(formMail).matches()) {
- // TODO Proper error output (css, maybe abstract)
- out.println("<b>Error: Invalid address!</b>");
+ mail = formMail;
+ try {
+ EmailAddress addr = new EmailAddress(mail, target);
+ addr.insert(Page.getLanguage(req));
+ } catch (IllegalArgumentException e) {
+ out.println("<div class='formError'>Error: Invalid address!</div>");
return false;
}
- mail = formMail;
- EmailAddress addr = new EmailAddress(mail, target);
- addr.insert(Page.getLanguage(req));
return true;
}
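Review bot: `mail = formMail;` now runs before the address is validated, so the form field keeps the rejected input when the constructor throws; the old code assigned it only after the check passed. If the template echoes `mail` back into the page (not visible here), confirm it is HTML-escaped on output, or move the assignment after `new EmailAddress(...)` succeeds. The try block also wraps `addr.insert(...)`, so any IllegalArgumentException raised during insert would be reported as "Invalid address!"; limiting the try to the constructor call keeps the message accurate.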
public boolean submit(PrintWriter out, HttpServletRequest req) {
if (req.getParameter("makedefault") != null) {
try {
- target.updateDefaultEmail(EmailAddress.getById(Integer.parseInt(req.getParameter("emailid").trim())));
+ String mailid = req.getParameter("emailid");
+ if (mailid == null) {
+ return false;
+ }
+ target.updateDefaultEmail(EmailAddress.getById(Integer.parseInt(mailid.trim())));
} catch (Exception e) {
- out.println("<b>Error precessing your request.</b>");
+ out.println("<div class='formError'>Error precessing your request.</div>");
e.printStackTrace();
return false;
}
return true;
}
+ if (req.getParameter("delete") != null) {
+ String[] toDel = req.getParameterValues("delid[]");
+ if (toDel == null) {
+ return false;
+ }
+ for (int i = 0; i < toDel.length; i++) {
+ try {
+ target.deleteEmail(EmailAddress.getById(Integer.parseInt(toDel[i].trim())));
+ } catch (Exception e) {
+ out.println("<div class='formError'>Error precessing your request.</div>");
+ e.printStackTrace();
+ return false;
+ }
+ }
+ return true;
+
+ }
return false;
}
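Review bot: The delete loop returns on the first failing id after earlier entries of `delid[]` have already been deleted, so one bad value leaves the request half applied. `catch (Exception e)` also reports a non-numeric id and the "Can't delete user's default e-mail." rejection with the same generic text. Parse and look up every id before deleting any, and catch `NumberFormatException` and `IllegalArgumentException` separately so the user sees the specific reason. The two early `return false` branches for a missing `emailid` or `delid[]` write nothing to `out`, so the page shows no error at all in that case. The message text reads "precessing" where "processing" is meant.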
resp.sendRedirect(MailOverview.DEFAULT_PATH);
}
} else if (req.getParameter("makedefault") != null || req.getParameter("delete") != null) {
- System.out.println("MakeDefault/Delete");
MailManagementForm f = Form.getForm(req, MailManagementForm.class);
f.submit(out, req);
}
import static org.junit.Assert.*;
import java.io.IOException;
-import java.io.OutputStream;
-import java.io.UnsupportedEncodingException;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.net.URLConnection;
import java.net.URLEncoder;
import org.cacert.gigi.GigiApiException;
import org.cacert.gigi.User;
-import org.cacert.gigi.testUtils.IOUtils;
import org.cacert.gigi.testUtils.ManagedTest;
import org.junit.Test;
public class TestChangePassword extends ManagedTest {
User u = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "uni@example.org", TEST_PASSWORD));
String cookie;
+ String path = ChangePasswordPage.PATH;
public TestChangePassword() throws IOException {
cookie = login(u.getEmail(), TEST_PASSWORD);
@Test
public void testChangePasswordWeb() throws IOException {
- String error = executeChangePassword("oldpassword=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
- + "&pword1=" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8")//
- + "&pword2=" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8"));
+ String error = executeBasicWebInteraction(cookie, path,
+ "oldpassword=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
+ + "&pword1=" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8")//
+ + "&pword2=" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8"));
assertNull(error);
assertTrue(isLoggedin(login(u.getEmail(), TEST_PASSWORD + "v2")));
assertFalse(isLoggedin(login(u.getEmail(), TEST_PASSWORD)));
@Test
public void testChangePasswordWebOldWrong() throws IOException {
- String error = executeChangePassword("oldpassword=a" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
- + "&pword1=" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8")//
- + "&pword2=" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8"));
+ String error = executeBasicWebInteraction(cookie, path,
+ "oldpassword=a" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
+ + "&pword1=" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8")//
+ + "&pword2=" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8"));
assertNotNull(error);
assertFalse(isLoggedin(login(u.getEmail(), TEST_PASSWORD + "v2")));
assertTrue(isLoggedin(login(u.getEmail(), TEST_PASSWORD)));
@Test
public void testChangePasswordWebNewWrong() throws IOException {
- String error = executeChangePassword("oldpassword=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
- + "&pword1=" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8")//
- + "&pword2=a" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8"));
+ String error = executeBasicWebInteraction(cookie, path,
+ "oldpassword=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
+ + "&pword1=" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8")//
+ + "&pword2=a" + URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8"));
assertNotNull(error);
assertFalse(isLoggedin(login(u.getEmail(), TEST_PASSWORD + "v2")));
assertTrue(isLoggedin(login(u.getEmail(), TEST_PASSWORD)));
@Test
public void testChangePasswordWebNewEasy() throws IOException {
- String error = executeChangePassword("oldpassword=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
- + "&pword1=a&pword2=a");
+ String error = executeBasicWebInteraction(cookie, path,
+ "oldpassword=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
+ + "&pword1=a&pword2=a");
assertNotNull(error);
assertFalse(isLoggedin(login(u.getEmail(), TEST_PASSWORD + "v2")));
assertTrue(isLoggedin(login(u.getEmail(), TEST_PASSWORD)));
public void testChangePasswordWebMissingFields() throws IOException {
String np = URLEncoder.encode(TEST_PASSWORD + "v2", "UTF-8");
assertTrue(isLoggedin(login(u.getEmail(), TEST_PASSWORD)));
- String error = executeChangePassword("oldpassword=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
- + "&pword1=" + np);
+ String error = executeBasicWebInteraction(cookie, path,
+ "oldpassword=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
+ + "&pword1=" + np);
assertNotNull(error);
assertFalse(isLoggedin(login(u.getEmail(), TEST_PASSWORD + "v2")));
assertTrue(isLoggedin(login(u.getEmail(), TEST_PASSWORD)));
- error = executeChangePassword("oldpassword=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
+ error = executeBasicWebInteraction(cookie, path, "oldpassword=" + URLEncoder.encode(TEST_PASSWORD, "UTF-8") //
+ "&pword2=" + np);
assertNotNull(error);
assertFalse(isLoggedin(login(u.getEmail(), TEST_PASSWORD + "v2")));
assertTrue(isLoggedin(login(u.getEmail(), TEST_PASSWORD)));
- error = executeChangePassword("pword1=" + np + "&pword2=" + np);
+ error = executeBasicWebInteraction(cookie, path, "pword1=" + np + "&pword2=" + np);
assertNotNull(error);
assertFalse(isLoggedin(login(u.getEmail(), TEST_PASSWORD + "v2")));
assertTrue(isLoggedin(login(u.getEmail(), TEST_PASSWORD)));
}
- private String executeChangePassword(String query) throws IOException, MalformedURLException,
- UnsupportedEncodingException {
- URLConnection uc = new URL("https://" + getServerName() + ChangePasswordPage.PATH).openConnection();
- uc.addRequestProperty("Cookie", cookie);
- String csrf = getCSRF(uc);
-
- uc = new URL("https://" + getServerName() + ChangePasswordPage.PATH).openConnection();
- uc.addRequestProperty("Cookie", cookie);
- uc.setDoOutput(true);
- OutputStream os = uc.getOutputStream();
- os.write(("csrf=" + URLEncoder.encode(csrf, "UTF-8") + "&" //
- + query//
- ).getBytes());
- os.flush();
- String error = fetchStartErrorMessage(IOUtils.readURL(uc));
- return error;
- }
-
}
--- /dev/null
+package org.cacert.gigi.pages.account;
+
+import static org.junit.Assert.*;
+
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.MalformedURLException;
+import java.net.URLEncoder;
+
+import org.cacert.gigi.EmailAddress;
+import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.Language;
+import org.cacert.gigi.User;
+import org.cacert.gigi.testUtils.ManagedTest;
+import org.cacert.gigi.testUtils.TestEmailReciever.TestMail;
+import org.junit.Test;
+
+public class TestMailManagement extends ManagedTest {
+ private User u = User
+ .getById(createVerifiedUser("fn", "ln", createUniqueName() + "uni@example.org", TEST_PASSWORD));
+ private String cookie;
+ private String path = MailOverview.DEFAULT_PATH;
+
+ public TestMailManagement() throws IOException {
+ cookie = login(u.getEmail(), TEST_PASSWORD);
+ assertTrue(isLoggedin(cookie));
+ }
+
+ @Test
+ public void testMailAddInternal() throws InterruptedException, GigiApiException {
+ EmailAddress adrr = new EmailAddress("test@test.tld", u);
+ adrr.insert(Language.getInstance("en"));
+ TestMail testMail = getMailReciever().recieve();
+ assertTrue(adrr.getAddress().equals(testMail.getTo()));
+ String hash = testMail.extractLink().substring(testMail.extractLink().lastIndexOf('=') + 1);
+ adrr.verify(hash);
+ try {
+ new EmailAddress("kurti ", u);
+ } catch (IllegalArgumentException e) {
+ // Intended.
+ return;
+ }
+ fail();
+ }
+
+ @Test
+ public void testMailAddWeb() throws MalformedURLException, UnsupportedEncodingException, IOException {
+ String newMail = createUniqueName() + "uni@example.org";
+ assertNull(executeBasicWebInteraction(cookie, path, "addmail&newemail=" + URLEncoder.encode(newMail, "UTF-8"),
+ 1));
+ EmailAddress[] addrs = u.getEmails();
+ for (int i = 0; i < addrs.length; i++) {
+ if (addrs[i].getAddress().equals(newMail)) {
+ return;
+ }
+ }
+ fail();
+ }
+
+}
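Review bot: Neither test exercises the delete path this commit adds; both cover adding an address only. Cases worth adding are deleting a non-default address, the rejection when the default address is selected, and a delete request carrying the id of an address owned by a second test user, which should leave that address in place. In `testMailAddInternal` the outcome of `adrr.verify(hash)` is never asserted, so the test passes whether or not verification worked. The class and its test methods have no comments describing what each one checks.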
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.Reader;
+import java.net.HttpURLConnection;
import java.net.URLConnection;
public class IOUtils {
public static String readURL(URLConnection in) {
try {
if (!in.getContentType().equals("text/html; charset=UTF-8")) {
+ if (in instanceof HttpURLConnection && ((HttpURLConnection) in).getResponseCode() != 200) {
+ System.err
+ .println(readURL(new InputStreamReader(((HttpURLConnection) in).getErrorStream(), "UTF-8")));
+ }
throw new Error("Unrecognized content-type: " + in.getContentType());
}
return readURL(new InputStreamReader(in.getInputStream(), "UTF-8"));
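Review bot: Both new dereferences in this error branch can be null, which would replace the intended diagnostic with a NullPointerException. `in.getContentType()` returns null when the response carries no Content-Type header, so `.equals(...)` fails before the added status check runs; write the comparison as `"text/html; charset=UTF-8".equals(in.getContentType())`. `getErrorStream()` returns null when the server sent no error body, so guard it before wrapping it in an `InputStreamReader`. The method continues outside this hunk.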
package org.cacert.gigi.testUtils;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.*;
import java.io.BufferedReader;
import java.io.DataOutputStream;
import org.cacert.gigi.database.DatabaseConnection;
import org.cacert.gigi.testUtils.TestEmailReciever.TestMail;
import org.cacert.gigi.util.DatabaseManager;
+import org.cacert.gigi.util.ServerConstants;
import org.cacert.gigi.util.SimpleSigner;
import org.junit.After;
import org.junit.AfterClass;
System.out.println("... purging Database");
DatabaseManager.run(new String[] { testProps.getProperty("sql.driver"), testProps.getProperty("sql.url"),
testProps.getProperty("sql.user"), testProps.getProperty("sql.password") });
-
String type = testProps.getProperty("type");
+ Properties mainProps = generateMainProps();
+ ServerConstants.init(mainProps);
if (type.equals("local")) {
url = testProps.getProperty("name.www") + ":" + testProps.getProperty("serverPort");
String[] parts = testProps.getProperty("mail").split(":", 2);
gigi = Runtime.getRuntime().exec(testProps.getProperty("java"));
DataOutputStream toGigi = new DataOutputStream(gigi.getOutputStream());
System.out.println("... starting server");
- Properties mainProps = new Properties();
- mainProps.setProperty("host", "127.0.0.1");
- mainProps.setProperty("name.secure", testProps.getProperty("name.secure"));
- mainProps.setProperty("name.www", testProps.getProperty("name.www"));
- mainProps.setProperty("name.static", testProps.getProperty("name.static"));
-
- mainProps.setProperty("port", testProps.getProperty("serverPort"));
- mainProps.setProperty("emailProvider", "org.cacert.gigi.email.TestEmailProvider");
- mainProps.setProperty("emailProvider.port", "8473");
- mainProps.setProperty("sql.driver", testProps.getProperty("sql.driver"));
- mainProps.setProperty("sql.url", testProps.getProperty("sql.url"));
- mainProps.setProperty("sql.user", testProps.getProperty("sql.user"));
- mainProps.setProperty("sql.password", testProps.getProperty("sql.password"));
byte[] cacerts = Files.readAllBytes(Paths.get("config/cacerts.jks"));
byte[] keystore = Files.readAllBytes(Paths.get("config/keystore.pkcs12"));
}
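Review bot: `generateMainProps()` is now called before the `type.equals("local")` check, so it runs for every test configuration rather than only the local one. `Properties.setProperty` throws NullPointerException on a null value, and the helper copies `serverPort`, `name.*` and `sql.*` straight from `testProps`. A non-local configuration that omits any of those keys would now fail during setup; whether such configurations exist is not visible here. Either build the properties needed by `ServerConstants.init` separately, or skip keys whose source value is null. A one-line comment on why the test JVM itself needs `ServerConstants.init(mainProps)` would also help, since the properties were previously only streamed to the child process.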
+ private static Properties generateMainProps() {
+ Properties mainProps = new Properties();
+ mainProps.setProperty("host", "127.0.0.1");
+ mainProps.setProperty("name.secure", testProps.getProperty("name.secure"));
+ mainProps.setProperty("name.www", testProps.getProperty("name.www"));
+ mainProps.setProperty("name.static", testProps.getProperty("name.static"));
+
+ mainProps.setProperty("port", testProps.getProperty("serverPort"));
+ mainProps.setProperty("emailProvider", "org.cacert.gigi.email.TestEmailProvider");
+ mainProps.setProperty("emailProvider.port", "8473");
+ mainProps.setProperty("sql.driver", testProps.getProperty("sql.driver"));
+ mainProps.setProperty("sql.url", testProps.getProperty("sql.url"));
+ mainProps.setProperty("sql.user", testProps.getProperty("sql.user"));
+ mainProps.setProperty("sql.password", testProps.getProperty("sql.password"));
+ return mainProps;
+ }
+
@AfterClass
public static void tearDownServer() {
String type = testProps.getProperty("type");
}
public String getCSRF(URLConnection u) throws IOException {
+ return getCSRF(u, 0);
+ }
+
+ public String getCSRF(URLConnection u, int formIndex) throws IOException {
String content = IOUtils.readURL(u);
Pattern p = Pattern.compile("<input type='hidden' name='csrf' value='([^']+)'>");
Matcher m = p.matcher(content);
- if (!m.find()) {
- throw new Error("No CSRF Token");
+ for (int i = 0; i < formIndex + 1; i++) {
+ if (!m.find()) {
+ throw new Error("No CSRF Token");
+ }
}
return m.group(1);
}
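Review bot: A negative `formIndex` skips the loop entirely, so `m.group(1)` throws IllegalStateException instead of the "No CSRF Token" error. Add a guard such as `if (formIndex < 0) throw new IllegalArgumentException("formIndex");` and document on the new overload that the index is zero-based and counts hidden `csrf` inputs in page order. Including the index in the failure text, `throw new Error("No CSRF Token for form " + formIndex);`, makes a wrong index easier to spot than a missing token.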
return parts;
}
+ public String executeBasicWebInteraction(String cookie, String path, String query) throws MalformedURLException,
+ UnsupportedEncodingException, IOException {
+ return executeBasicWebInteraction(cookie, path, query, 0);
+ }
+
+ public String executeBasicWebInteraction(String cookie, String path, String query, int formIndex)
+ throws IOException, MalformedURLException, UnsupportedEncodingException {
+ URLConnection uc = new URL("https://" + getServerName() + path).openConnection();
+ uc.addRequestProperty("Cookie", cookie);
+ String csrf = getCSRF(uc, formIndex);
+
+ uc = new URL("https://" + getServerName() + path).openConnection();
+ uc.addRequestProperty("Cookie", cookie);
+ uc.setDoOutput(true);
+ OutputStream os = uc.getOutputStream();
+ os.write(("csrf=" + URLEncoder.encode(csrf, "UTF-8") + "&" //
+ + query//
+ ).getBytes());
+ os.flush();
+ String error = fetchStartErrorMessage(IOUtils.readURL(uc));
+ return error;
+ }
+
}
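Review bot: The request body is encoded with the no-argument `getBytes()`, which uses the platform default charset, while every parameter is URL-encoded as UTF-8 and `query` is appended as the caller supplied it. Use `.getBytes("UTF-8")` so the helper behaves the same on every build machine. The `OutputStream` is flushed but never closed; closing it before reading the response avoids relying on the connection to do so. Both overloads are public test helpers without Javadoc; a short description of `query` (already-encoded form fields, no leading `&`) and of the return value (first error message or null) would make them usable without reading `fetchStartErrorMessage`.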
import java.util.regex.Matcher;
import java.util.regex.Pattern;
-public class TestEmailReciever implements Runnable {
+import org.cacert.gigi.email.EmailProvider;
+
+public class TestEmailReciever extends EmailProvider implements Runnable {
public class TestMail {
String to;
String subject;
dis = new DataInputStream(s.getInputStream());
dos = new DataOutputStream(s.getOutputStream());
new Thread(this).start();
+ setInstance(this);
}
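Review bot: `setInstance(this)` publishes the receiver as the global `EmailProvider` from inside its own constructor, after `new Thread(this).start()` has already let `this` escape. Constructing a second receiver silently replaces the first, and nothing visible restores the previous provider when the test run ends. Moving the registration into an explicit method called by the test setup, with a matching reset in teardown, keeps the global state change visible at the call site. If it stays in the constructor, add a comment saying that construction installs the instance process-wide.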
LinkedBlockingQueue<TestMail> mails = new LinkedBlockingQueue<TestEmailReciever.TestMail>();
mails.add(new TestMail(to, subject, message, from, replyto));
} else if (type.equals("challengeAddrBox")) {
String email = dis.readUTF();
- if (approveRegex.matcher(email).matches()) {
- dos.writeUTF("OK");
- } else {
- dos.writeUTF(error);
- }
+ dos.writeUTF(quickEmailCheck(email));
dos.flush();
} else if (type.equals("ping")) {
} else {
}
+ private String quickEmailCheck(String email) throws IOException {
+ if (approveRegex.matcher(email).matches()) {
+ return "OK";
+ } else {
+ return error;
+ }
+ }
+
String error = "FAIL";
public void setEmailCheckError(String error) {
}
}
+ @Override
+ public String checkEmailServer(int forUid, String address) throws IOException {
+ return quickEmailCheck(address);
+ }
+
+ @Override
+ public void sendmail(String to, String subject, String message, String from, String replyto, String toname,
+ String fromname, String errorsto, boolean extra) throws IOException {
+ mails.add(new TestMail(to, subject, message, from, replyto));
+ }
+
}