#222 Added property support for trusting SSL hosts and verifying server identity

Author: bbottema

angular-app

@@ -26,6 +26,18 @@
  */
 @Cli.BuilderApiNode(builderApiType = CliBuilderApiType.MAILER)
 public interface MailerGenericBuilder<T extends MailerGenericBuilder<?>> {
+	/**
+	 * {@value}
+	 *
+	 * @see #trustingAllHosts(boolean)
+	 */
+	boolean DEFAULT_TRUST_ALL_HOSTS = true;
+	/**
+	 * {@value}
+	 *
+	 * @see #verifyingServerIdentity(boolean)
+	 */
+	boolean DEFAULT_VERIFY_SERVER_IDENTITY = true;
 	/**
 	 * The default maximum timeout value for the transport socket is <code>{@value}</code> milliseconds (affects socket connect-,
 	 * read- and write timeouts). Can be overridden from a config file or through System variable.
@@ -452,6 +464,24 @@ public interface MailerGenericBuilder<T extends MailerGenericBuilder<?>> {
 	 */
 	T resetThreadPoolKeepAliveTime();
 
+	/**
+	 * Reset trusting any host; trust all hosts is set to {@value #DEFAULT_TRUST_ALL_HOSTS}.
+	 *
+	 * @see #trustingAllHosts(boolean)
+	 * @see #trustingSSLHosts(String...)
+	 * @see #verifyingServerIdentity(boolean)
+	 */
+	T resetTrustingAllHosts();
+
+	/**
+	 * Reset verifying the server's identity to {@value #DEFAULT_VERIFY_SERVER_IDENTITY}.
+	 *
+	 * @see #verifyingServerIdentity(boolean)
+	 * @see #trustingSSLHosts(String...)
+	 * @see #trustingAllHosts(boolean)
+	 */
+	T resetVerifyingServerIdentity();
+
 	/**
 	 * Reset the cluster key to empty, so it will be generated uniquely, avoiding clustering with any other {@link Mailer}.
 	 *
@@ -528,6 +558,8 @@ public interface MailerGenericBuilder<T extends MailerGenericBuilder<?>> {
 	 * Removes all trusted hosts from the list.
 	 *
 	 * @see #trustingSSLHosts(String...)
+	 * @see #trustingAllHosts(boolean)
+	 * @see #verifyingServerIdentity(boolean)
 	 */
 	T clearTrustedSSLHosts();
 

modules/core-module/src/main/java/org/simplejavamail/api/mailer/MailerGenericBuilder.java

@@ -60,6 +60,9 @@
  * <li>simplejavamail.defaults.connectionpool.expireafter.millis</li>
  * <li>simplejavamail.defaults.connectionpool.loadbalancing.strategy</li>
  * <li>simplejavamail.defaults.sessiontimeoutmillis</li>
+ * <li>simplejavamail.defaults.trustallhosts</li>
+ * <li>simplejavamail.defaults.trustedhosts</li>
+ * <li>simplejavamail.defaults.verifyserveridentity</li>
  * <li>simplejavamail.transport.mode.logging.only</li>
  * <li>simplejavamail.opportunistic.tls</li>
  * <li>simplejavamail.smime.signing.keystore</li>
@@ -132,6 +135,9 @@ public enum Property {
 		DEFAULT_CONNECTIONPOOL_LOADBALANCING_STRATEGY("simplejavamail.defaults.connectionpool.loadbalancing.strategy"),
 		DEFAULT_POOL_KEEP_ALIVE_TIME("simplejavamail.defaults.poolsize.keepalivetime"),
 		DEFAULT_SESSION_TIMEOUT_MILLIS("simplejavamail.defaults.sessiontimeoutmillis"),
+		DEFAULT_TRUST_ALL_HOSTS("simplejavamail.defaults.trustallhosts"),
+		DEFAULT_TRUSTED_HOSTS("simplejavamail.defaults.trustedhosts"),
+		DEFAULT_VERIFY_SERVER_IDENTITY("simplejavamail.defaults.verifyserveridentity"),
 		TRANSPORT_MODE_LOGGING_ONLY("simplejavamail.transport.mode.logging.only"),
 		OPPORTUNISTIC_TLS("simplejavamail.opportunistic.tls"),
 		SMIME_SIGNING_KEYSTORE("simplejavamail.smime.signing.keystore"),

modules/core-module/src/main/java/org/simplejavamail/config/ConfigLoader.java

@@ -7,6 +7,7 @@
 import org.simplejavamail.api.mailer.config.ProxyConfig;
 import org.simplejavamail.config.ConfigLoader.Property;
 import org.simplejavamail.internal.modules.ModuleLoader;
+import org.simplejavamail.internal.util.SimpleOptional;
 
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
@@ -29,6 +30,7 @@
 import static org.simplejavamail.config.ConfigLoader.valueOrProperty;
 import static org.simplejavamail.config.ConfigLoader.valueOrPropertyAsBoolean;
 import static org.simplejavamail.config.ConfigLoader.valueOrPropertyAsInteger;
+import static org.simplejavamail.config.ConfigLoader.valueOrPropertyAsString;
 import static org.simplejavamail.internal.util.MiscUtil.checkArgumentNotEmpty;
 import static org.simplejavamail.internal.util.MiscUtil.valueNullOrEmpty;
 import static org.simplejavamail.internal.util.Preconditions.assumeNonNull;
@@ -191,6 +193,8 @@ abstract class MailerGenericBuilderImpl<T extends MailerGenericBuilderImpl<?>> i
 		this.proxyBridgePort 						= assumeNonNull(valueOrPropertyAsInteger(null, Property.PROXY_SOCKS5BRIDGE_PORT, DEFAULT_PROXY_BRIDGE_PORT));
 		this.debugLogging 							= assumeNonNull(valueOrPropertyAsBoolean(null, Property.JAVAXMAIL_DEBUG, DEFAULT_JAVAXMAIL_DEBUG));
 		this.sessionTimeout 						= assumeNonNull(valueOrPropertyAsInteger(null, Property.DEFAULT_SESSION_TIMEOUT_MILLIS, DEFAULT_SESSION_TIMEOUT_MILLIS));
+		this.trustAllSSLHost 						= assumeNonNull(valueOrPropertyAsBoolean(null, Property.DEFAULT_TRUST_ALL_HOSTS, DEFAULT_TRUST_ALL_HOSTS));
+		this.verifyingServerIdentity 				= assumeNonNull(valueOrPropertyAsBoolean(null, Property.DEFAULT_VERIFY_SERVER_IDENTITY, DEFAULT_VERIFY_SERVER_IDENTITY));
 		this.threadPoolSize 						= assumeNonNull(valueOrPropertyAsInteger(null, Property.DEFAULT_POOL_SIZE, DEFAULT_POOL_SIZE));
 		this.threadPoolKeepAliveTime 				= assumeNonNull(valueOrPropertyAsInteger(null, Property.DEFAULT_POOL_KEEP_ALIVE_TIME, DEFAULT_POOL_KEEP_ALIVE_TIME));
 		this.connectionPoolCoreSize 				= assumeNonNull(valueOrPropertyAsInteger(null, Property.DEFAULT_CONNECTIONPOOL_CORE_SIZE, DEFAULT_CONNECTIONPOOL_CORE_SIZE));
@@ -200,9 +204,12 @@ abstract class MailerGenericBuilderImpl<T extends MailerGenericBuilderImpl<?>> i
 		this.connectionPoolLoadBalancingStrategy	= assumeNonNull(valueOrProperty(null, Property.DEFAULT_CONNECTIONPOOL_LOADBALANCING_STRATEGY, LoadBalancingStrategy.valueOf(DEFAULT_CONNECTIONPOOL_LOADBALANCING_STRATEGY)));
 		this.transportModeLoggingOnly 				= assumeNonNull(valueOrPropertyAsBoolean(null, Property.TRANSPORT_MODE_LOGGING_ONLY, DEFAULT_TRANSPORT_MODE_LOGGING_ONLY));
 
+		final String trustedHosts = valueOrPropertyAsString(null, Property.DEFAULT_TRUSTED_HOSTS, null);
+		if (trustedHosts != null) {
+			this.sslHostsToTrust = Arrays.asList(trustedHosts.split(";"));
+		}
+
 		this.emailAddressCriteria = EmailAddressCriteria.RFC_COMPLIANT.clone();
-		this.trustAllSSLHost = true;
-		this.verifyingServerIdentity = true;
 
 		this.executorService = determineDefaultExecutorService();
 	}
@@ -507,14 +514,30 @@ public T withProperty(@Nonnull final String propertyName, @Nullable final Object
 		}
 		return (T) this;
 	}
-	
+
 	/**
 	 * @see MailerGenericBuilder#resetSessionTimeout()
 	 */
 	@Override
 	public T resetSessionTimeout() {
 		return withSessionTimeout(DEFAULT_SESSION_TIMEOUT_MILLIS);
 	}
+
+	/**
+	 * @see MailerGenericBuilder#resetTrustingAllHosts()
+	 */
+	@Override
+	public T resetTrustingAllHosts() {
+		return trustingAllHosts(DEFAULT_TRUST_ALL_HOSTS);
+	}
+
+	/**
+	 * @see MailerGenericBuilder#resetVerifyingServerIdentity()
+	 */
+	@Override
+	public T resetVerifyingServerIdentity() {
+		return verifyingServerIdentity(DEFAULT_VERIFY_SERVER_IDENTITY);
+	}
 
 	/**
 	 * @see MailerGenericBuilder#resetEmailAddressCriteria()

modules/simple-java-mail/src/main/java/org/simplejavamail/mailer/internal/MailerGenericBuilderImpl.java

@@ -47,7 +47,8 @@ public void restoreOriginalStaticProperties() {
 				+ "simplejavamail.proxy.port=1080\n"
 				+ "simplejavamail.proxy.username=username proxy\n"
 				+ "simplejavamail.proxy.password=password proxy\n"
-				+ "simplejavamail.proxy.socks5bridge.port=1081";
+				+ "simplejavamail.proxy.socks5bridge.port=1081\n"
+				+ "simplejavamail.defaults.trustedhosts=192.168.1.122;mymailserver.com;ix55432y";
 
 		ConfigLoader.loadProperties(new ByteArrayInputStream(s.getBytes()), false);
 	}
@@ -58,6 +59,8 @@ public void createMailSession_MinimalConstructor_WithoutConfig() {
 
 		final UUID clusterKey = UUID.randomUUID();
 		Mailer mailer = MailerBuilder.withSMTPServer("host", 25, null, null).withClusterKey(clusterKey).buildMailer();
+		assertThat(mailer.getOperationalConfig().getSslHostsToTrust()).isEmpty();
+
 		Session session = mailer.getSession();
 
 		assertThat(session.getDebug()).isFalse();
@@ -138,6 +141,9 @@ public void createMailSession_MaximumConstructor_WithoutConfig() {
 	public void createMailSession_MinimalConstructor_WithConfig() {
 		Mailer mailer = MailerBuilder.buildMailer();
 		Session session = mailer.getSession();
+
+		assertThat(mailer.getOperationalConfig().getSslHostsToTrust()).containsExactlyInAnyOrder(
+				"192.168.1.122", "mymailserver.com", "ix55432y");
 
 		assertThat(session.getDebug()).isTrue();
 		assertThat(session.getProperty("mail.smtp.host")).isEqualTo("smtp.default.com");

modules/simple-java-mail/src/test/java/org/simplejavamail/mailer/MailerTest.java

@@ -54,6 +54,9 @@
  * <li>simplejavamail.defaults.connectionpool.expireafter.millis</li>
  * <li>simplejavamail.defaults.connectionpool.loadbalancing.strategy</li>
  * <li>simplejavamail.defaults.sessiontimeoutmillis</li>
+ * <li>simplejavamail.defaults.trustallhosts</li>
+ * <li>simplejavamail.defaults.trustedhosts</li>
+ * <li>simplejavamail.defaults.verifyserveridentity</li>
  * <li>simplejavamail.transport.mode.logging.only</li>
  * <li>simplejavamail.opportunistic.tls</li>
  * <li>simplejavamail.smime.signing.keystore</li>
@@ -109,6 +112,9 @@ public MailerGenericBuilder<?> loadGlobalConfigAndCreateDefaultMailer(
 			@Value("${simplejavamail.defaults.connectionpool.expireafter.millis:#{null}}") final String defaultConnectionPoolExpireAfterMillis,
 			@Value("${simplejavamail.defaults.connectionpool.loadbalancing.strategy:#{null}}") final String defaultConnectionPoolLoadBalancingStrategy,
 			@Value("${simplejavamail.defaults.sessiontimeoutmillis:#{null}}") final String defaultSessionTimeoutMillis,
+			@Value("${simplejavamail.defaults.trustallhosts:#{null}}") final String defaultTrustAllHosts,
+			@Value("${simplejavamail.defaults.trustedhosts:#{null}}") final String defaultTrustedHosts,
+			@Value("${simplejavamail.defaults.verifyserveridentity:#{null}}") final String defaultVerifyServerIdentity,
 			@Value("${simplejavamail.transport.mode.logging.only:#{null}}") final String defaultTransportModeLoggingOnly,
 			@Value("${simplejavamail.opportunistic.tls:#{null}}") final String defaultOpportunisticTls,
 			@Value("${simplejavamail.smime.signing.keystore:#{null}}") final String smimeSigningKeyStore,
@@ -150,6 +156,9 @@ public MailerGenericBuilder<?> loadGlobalConfigAndCreateDefaultMailer(
 		setNullableProperty(emailProperties, Property.DEFAULT_CONNECTIONPOOL_EXPIREAFTER_MILLIS.key(), defaultConnectionPoolExpireAfterMillis);
 		setNullableProperty(emailProperties, Property.DEFAULT_CONNECTIONPOOL_LOADBALANCING_STRATEGY.key(), defaultConnectionPoolLoadBalancingStrategy);
 		setNullableProperty(emailProperties, Property.DEFAULT_SESSION_TIMEOUT_MILLIS.key(), defaultSessionTimeoutMillis);
+		setNullableProperty(emailProperties, Property.DEFAULT_TRUST_ALL_HOSTS.key(), defaultTrustAllHosts);
+		setNullableProperty(emailProperties, Property.DEFAULT_TRUSTED_HOSTS.key(), defaultTrustedHosts);
+		setNullableProperty(emailProperties, Property.DEFAULT_VERIFY_SERVER_IDENTITY.key(), defaultVerifyServerIdentity);
 		setNullableProperty(emailProperties, Property.TRANSPORT_MODE_LOGGING_ONLY.key(), defaultTransportModeLoggingOnly);
 		setNullableProperty(emailProperties, Property.OPPORTUNISTIC_TLS.key(), defaultOpportunisticTls);
 		setNullableProperty(emailProperties, Property.SMIME_SIGNING_KEYSTORE.key(), smimeSigningKeyStore);