0.18.0: - umstieg auf apache james 3.8.0 bibliotheken

pom.xml

@@ -10,7 +10,7 @@
     </parent>
     <groupId>net.sberg</groupId>
     <artifactId>openkim</artifactId>
-    <version>0.17.2</version>
+    <version>0.18.0</version>
     <name>openkim</name>
     <description>Open KIM Client Modul</description>
 
@@ -66,7 +66,7 @@
         <dependency>
             <groupId>org.apache.james.protocols</groupId>
             <artifactId>protocols-netty</artifactId>
-            <version>3.7.2</version>
+            <version>3.8.0</version>
             <exclusions>
                 <!-- exclude version 1.9 (with Vulnerabilities), newer version 1.10.0 is set later-->
                 <exclusion>
@@ -78,12 +78,12 @@
         <dependency>
             <groupId>org.apache.james</groupId>
             <artifactId>metrics-logger</artifactId>
-            <version>3.7.2</version>
+            <version>3.8.0</version>
         </dependency>
         <dependency>
             <groupId>org.apache.james.protocols</groupId>
             <artifactId>protocols-smtp</artifactId>
-            <version>3.7.2</version>
+            <version>3.8.0</version>
             <exclusions>
                 <exclusion>
                     <groupId>org.apache.james</groupId>
@@ -94,7 +94,7 @@
         <dependency>
             <groupId>org.apache.james.protocols</groupId>
             <artifactId>protocols-pop3</artifactId>
-            <version>3.7.2</version>
+            <version>3.8.0</version>
         </dependency>
         <dependency>
             <groupId>org.bouncycastle</groupId>

src/main/java/net/sberg/openkim/common/FileUtils.java

@@ -119,7 +119,7 @@ public static final File writeToFileDirectory(Message msg, String prefix, String
         return f;
     }
 
-    public static final File writeToFileDirectory(ByteArrayOutputStream byteArrayOutputStream, String prefix, String storageFolder) throws Exception {
+    public static final File writeToFileDirectory(byte[] bytes, String prefix, String storageFolder) throws Exception {
         File f = new File(storageFolder);
         if (!f.exists()) {
             f.mkdirs();
@@ -128,7 +128,7 @@ public static final File writeToFileDirectory(ByteArrayOutputStream byteArrayOut
         f = new File(whereToSave);
         f.delete();
         OutputStream out = new FileOutputStream(new File(whereToSave));
-        out.write(byteArrayOutputStream.toByteArray());
+        out.write(bytes);
         out.flush();
         out.close();
         return f;

src/main/java/net/sberg/openkim/gateway/GatewayBasicChannelUpstreamHandler.java → src/main/java/net/sberg/openkim/gateway/GatewayBasicChannelInboundHandler.java

@@ -16,27 +16,27 @@
  */
 package net.sberg.openkim.gateway;
 
+import io.netty.channel.ChannelHandlerContext;
 import net.sberg.openkim.gateway.pop3.Pop3GatewaySession;
 import net.sberg.openkim.gateway.smtp.SmtpGatewaySession;
-import org.apache.james.protocols.api.Encryption;
 import org.apache.james.protocols.api.Protocol;
 import org.apache.james.protocols.api.ProtocolSession;
-import org.apache.james.protocols.netty.BasicChannelUpstreamHandler;
+import org.apache.james.protocols.netty.BasicChannelInboundHandler;
+import org.apache.james.protocols.netty.Encryption;
 import org.apache.james.protocols.netty.ProtocolMDCContextFactory;
-import org.jboss.netty.channel.ChannelHandlerContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-public class GatewayBasicChannelUpstreamHandler extends BasicChannelUpstreamHandler {
+public class GatewayBasicChannelInboundHandler extends BasicChannelInboundHandler {
 
-    private static final Logger log = LoggerFactory.getLogger(GatewayBasicChannelUpstreamHandler.class);
+    private static final Logger log = LoggerFactory.getLogger(GatewayBasicChannelInboundHandler.class);
 
-    public GatewayBasicChannelUpstreamHandler(ProtocolMDCContextFactory mdcContextFactory, Protocol protocol, Encryption secure) {
-        super(mdcContextFactory, protocol, secure);
+    public GatewayBasicChannelInboundHandler(ProtocolMDCContextFactory mdcContextFactory, Protocol protocol, Encryption secure, boolean proxyRequired) {
+        super(mdcContextFactory, protocol, secure, proxyRequired);
     }
 
     protected void cleanup(ChannelHandlerContext ctx) {
-        ProtocolSession session = (ProtocolSession) ctx.getAttachment();
+        ProtocolSession session = (ProtocolSession) ctx.channel().attr(SESSION_ATTRIBUTE_KEY).getAndSet(null);
         if (session != null) {
             if (session instanceof SmtpGatewaySession) {
                 try {
@@ -67,5 +67,6 @@ protected void cleanup(ChannelHandlerContext ctx) {
             session.resetState();
             session = null;
         }
+        ctx.close();
     }
 }

src/main/java/net/sberg/openkim/gateway/GatewayKeystoreService.java

@@ -16,9 +16,9 @@
  */
 package net.sberg.openkim.gateway;
 
+import io.netty.handler.ssl.util.SelfSignedCertificate;
 import net.sberg.openkim.common.FileUtils;
 import net.sberg.openkim.common.ICommonConstants;
-import org.jboss.netty.handler.ssl.util.SelfSignedCertificate;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;

src/main/java/net/sberg/openkim/gateway/GatewayNettyServer.java

@@ -17,76 +17,25 @@
 package net.sberg.openkim.gateway;
 
 import com.google.common.base.Preconditions;
-import org.apache.james.protocols.api.Encryption;
+import io.netty.channel.ChannelInboundHandlerAdapter;
+import io.netty.channel.DefaultEventLoopGroup;
 import org.apache.james.protocols.api.Protocol;
 import org.apache.james.protocols.netty.*;
-import org.jboss.netty.channel.ChannelPipelineFactory;
-import org.jboss.netty.channel.ChannelUpstreamHandler;
-import org.jboss.netty.channel.group.ChannelGroup;
-import org.jboss.netty.handler.execution.ExecutionHandler;
-import org.jboss.netty.util.HashedWheelTimer;
 
 import javax.inject.Inject;
 import java.util.Optional;
 
 public class GatewayNettyServer extends AbstractAsyncServer {
-    protected final Encryption secure;
-    protected final Protocol protocol;
-    private final ChannelHandlerFactory frameHandlerFactory;
-    private final HashedWheelTimer hashedWheelTimer;
-    private ExecutionHandler eHandler;
-    private ChannelUpstreamHandler coreHandler;
-    private int maxCurConnections;
-    private int maxCurConnectionsPerIP;
-
-    private GatewayNettyServer(Protocol protocol, Encryption secure, ChannelHandlerFactory frameHandlerFactory, HashedWheelTimer hashedWheelTimer) {
-        this.protocol = protocol;
-        this.secure = secure;
-        this.frameHandlerFactory = frameHandlerFactory;
-        this.hashedWheelTimer = hashedWheelTimer;
-    }
-
-    protected ChannelUpstreamHandler createCoreHandler() {
-        return new GatewayBasicChannelUpstreamHandler(new ProtocolMDCContextFactory.Standard(), this.protocol, this.secure);
-    }
-
-    public synchronized void bind() throws Exception {
-        this.coreHandler = this.createCoreHandler();
-        super.bind();
-    }
-
-    private ChannelHandlerFactory getFrameHandlerFactory() {
-        return this.frameHandlerFactory;
-    }
-
-    protected ChannelPipelineFactory createPipelineFactory(ChannelGroup group) {
-        return new AbstractSSLAwareChannelPipelineFactory(
-            this.getTimeout(),
-            this.maxCurConnections,
-            this.maxCurConnectionsPerIP,
-            group,
-            this.secure,
-            this.eHandler,
-            this.getFrameHandlerFactory(),
-            this.hashedWheelTimer
-        ) {
-            protected ChannelUpstreamHandler createHandler() {
-                return GatewayNettyServer.this.coreHandler;
-            }
-        };
-    }
-
     public static class Factory {
-        private final HashedWheelTimer hashedWheelTimer;
         private Protocol protocol;
+        private boolean proxyRequired;
         private Optional<Encryption> secure;
         private Optional<ChannelHandlerFactory> frameHandlerFactory;
 
         @Inject
-        public Factory(HashedWheelTimer hashedWheelTimer) {
-            this.hashedWheelTimer = hashedWheelTimer;
-            this.secure = Optional.empty();
-            this.frameHandlerFactory = Optional.empty();
+        public Factory() {
+            secure = Optional.empty();
+            frameHandlerFactory = Optional.empty();
         }
 
         public GatewayNettyServer.Factory protocol(Protocol protocol) {
@@ -100,19 +49,82 @@ public GatewayNettyServer.Factory secure(Encryption secure) {
             return this;
         }
 
+        public GatewayNettyServer.Factory proxyRequired(boolean proxyRequired) {
+            this.proxyRequired = proxyRequired;
+            return this;
+        }
+
         public GatewayNettyServer.Factory frameHandlerFactory(ChannelHandlerFactory frameHandlerFactory) {
             this.frameHandlerFactory = Optional.ofNullable(frameHandlerFactory);
             return this;
         }
 
         public GatewayNettyServer build() {
-            Preconditions.checkState(this.protocol != null, "'protocol' is mandatory");
-            return new GatewayNettyServer(
-                this.protocol,
-                this.secure.orElse(null),
-                this.frameHandlerFactory.orElse(new LineDelimiterBasedChannelHandlerFactory(8192)),
-                this.hashedWheelTimer
-            );
+            Preconditions.checkState(protocol != null, "'protocol' is mandatory");
+            return new GatewayNettyServer(protocol,
+                secure.orElse(null),
+                proxyRequired,
+                frameHandlerFactory.orElse(new LineDelimiterBasedChannelHandlerFactory(AbstractChannelPipelineFactory.MAX_LINE_LENGTH)));
+        }
+    }
+
+    protected final Encryption secure;
+    protected final Protocol protocol;
+    private final ChannelHandlerFactory frameHandlerFactory;
+    private int maxCurConnections;
+    private int maxCurConnectionsPerIP;
+    private boolean proxyRequired;
+
+    private GatewayNettyServer(Protocol protocol, Encryption secure, boolean proxyRequired, ChannelHandlerFactory frameHandlerFactory) {
+        this.protocol = protocol;
+        this.secure = secure;
+        this.proxyRequired = proxyRequired;
+        this.frameHandlerFactory = frameHandlerFactory;
+    }
+
+    public void setMaxConcurrentConnections(int maxCurConnections) {
+        if (isBound()) {
+            throw new IllegalStateException("Server running already");
         }
+        this.maxCurConnections = maxCurConnections;
+    }
+
+    public void setMaxConcurrentConnectionsPerIP(int maxCurConnectionsPerIP) {
+        if (isBound()) {
+            throw new IllegalStateException("Server running already");
+        }
+        this.maxCurConnectionsPerIP = maxCurConnectionsPerIP;
+    }
+
+    protected ChannelInboundHandlerAdapter createCoreHandler() {
+        return new GatewayBasicChannelInboundHandler(new ProtocolMDCContextFactory.Standard(), protocol, secure, proxyRequired);
+    }
+
+    @Override
+    public synchronized void bind() throws Exception {
+        super.bind();
+    }
+
+    private ChannelHandlerFactory getFrameHandlerFactory() {
+        return frameHandlerFactory;
+    }
+
+    @Override
+    protected AbstractChannelPipelineFactory createPipelineFactory() {
+        return new AbstractSSLAwareChannelPipelineFactory(
+            getTimeout(),
+            maxCurConnections,
+            maxCurConnectionsPerIP,
+            proxyRequired,
+            secure,
+            getFrameHandlerFactory(),
+            new DefaultEventLoopGroup(16)
+        ) {
+          @Override
+         protected ChannelInboundHandlerAdapter createHandler() {
+                return createCoreHandler();
+            }
+        };
+
     }
 }

src/main/java/net/sberg/openkim/gateway/pop3/Pop3Gateway.java

@@ -18,28 +18,35 @@
 
 import jakarta.annotation.PostConstruct;
 import jakarta.annotation.PreDestroy;
+import net.sberg.openkim.common.EnumMailConnectionSecurity;
+import net.sberg.openkim.common.ICommonConstants;
 import net.sberg.openkim.gateway.GatewayNettyServer;
 import net.sberg.openkim.konfiguration.Konfiguration;
 import net.sberg.openkim.konfiguration.KonfigurationService;
 import net.sberg.openkim.log.LogService;
 import net.sberg.openkim.pipeline.PipelineService;
-import org.apache.james.protocols.api.Encryption;
+import org.apache.james.protocols.api.ClientAuth;
 import org.apache.james.protocols.api.Protocol;
 import org.apache.james.protocols.api.handler.WiringException;
-import org.jboss.netty.util.HashedWheelTimer;
+import org.apache.james.protocols.netty.Encryption;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import java.io.File;
+import java.io.FileInputStream;
 import java.net.InetSocketAddress;
+import java.security.KeyStore;
 
 @Service
 public class Pop3Gateway {
 
     private static final Logger log = LoggerFactory.getLogger(Pop3Gateway.class);
 
-    private HashedWheelTimer hashedWheelTimer;
     private GatewayNettyServer server;
 
     @Autowired
@@ -48,6 +55,8 @@ public class Pop3Gateway {
     private PipelineService pipelineService;
     @Autowired
     private KonfigurationService konfigurationService;
+    @Value("${gatewaykeystore.password}")
+    private String keyStorePwd;
 
     private boolean startSucces = false;
 
@@ -86,11 +95,7 @@ private void start() throws Exception {
                 log.info("***POP3 Gateway activated***");
             }
 
-            if (hashedWheelTimer == null) {
-                hashedWheelTimer = new HashedWheelTimer();
-            }
-
-            server = new GatewayNettyServer.Factory(hashedWheelTimer)
+            server = new GatewayNettyServer.Factory()
                 .protocol(createProtocol(konfiguration)).secure(buildSSLContext(konfiguration))
                 .build();
             server.setTimeout(konfiguration.getPop3GatewayIdleTimeoutInSeconds());
@@ -108,6 +113,34 @@ private void start() throws Exception {
 
     private Encryption buildSSLContext(Konfiguration konfiguration) throws Exception {
         Encryption encryption = null;
+        if (!konfiguration.getPop3GatewayConnectionSec().equals(EnumMailConnectionSecurity.NONE)) {
+            FileInputStream fis = null;
+            try {
+                KeyStore ks = KeyStore.getInstance("PKCS12", "BC");
+                fis = new FileInputStream(new File(ICommonConstants.BASE_DIR+ICommonConstants.OPENKIM_SERVER_KEYSTORE_FILENAME));
+                ks.load(fis, keyStorePwd.toCharArray());
+
+                // Set up key manager factory to use our key store
+                KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+                kmf.init(ks, keyStorePwd.toCharArray());
+
+                // Initialize the SSLContext to work with our key managers.
+                SSLContext context = SSLContext.getInstance("TLS");
+                context.init(kmf.getKeyManagers(), null, null);
+                if (konfiguration.getPop3GatewayConnectionSec().equals(EnumMailConnectionSecurity.STARTTLS)) {
+                    encryption = Encryption.createStartTls(context, null, null, ClientAuth.NONE);
+                }
+                else {
+                    encryption = Encryption.createTls(context, null, null, ClientAuth.NONE);
+                }
+
+            } finally {
+                if (fis != null) {
+                    fis.close();
+                }
+                return encryption;
+            }
+        }
         return encryption;
     }