use of gnu.inet.util.LineInputStream in project ats-framework by Axway.
the class InetSmtpConnection method starttls.
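/**
 * Negotiates TLS over the current connection: sends STARTTLS and, once the
 * server answers READY, layers an SSL socket over the existing socket and
 * replaces the connection's input and output streams with TLS-backed ones.
 * This depends on many features, such as the JSSE classes being in the
 * classpath.
 *
 * <p>Only TLSv1.2 and TLSv1.3 are offered to the server. SSLv3 and TLSv1
 * are no longer enabled, so a server limited to those versions fails the
 * handshake instead of getting a weakly protected session.
 *
 * <p>A {@code false} return means the session is still in clear text.
 * Callers that need confidentiality must treat it as fatal and must not go
 * on to send credentials over the connection.
 *
 * @param tm the custom trust manager to use; certificate validation is
 *           whatever this trust manager implements
 * @return true if the handshake completed and the streams were replaced,
 *         false if the server did not answer READY or a
 *         GeneralSecurityException was raised during setup
 * @throws IOException on an I/O or handshake failure, or when the JSSE
 *         provider supports neither TLSv1.2 nor TLSv1.3
 */
public boolean starttls(TrustManager tm) throws IOException {
    try {
        SSLSocketFactory factory = getSSLSocketFactory(tm);
        send(STARTTLS);
        if (getAllResponses() != READY) {
            return false;
        }
        // NOTE(review): getHostName() falls back to a reverse DNS lookup when
        // the address was not created from a name, so the value may not be the
        // name the caller asked for. Nothing visible here enables endpoint
        // identification either, so unless the supplied TrustManager checks
        // the host name, the certificate is not matched against it. Confirm.
        String hostname = socket.getInetAddress().getHostName();
        int port = socket.getPort();
        SSLSocket ss = (SSLSocket) factory.createSocket(socket, hostname, port, true);
        // Offer only protocol versions that are still considered safe, and only
        // those the provider actually supports (setEnabledProtocols rejects
        // unsupported names).
        String[] wanted = { "TLSv1.3", "TLSv1.2" };
        String[] supported = ss.getSupportedProtocols();
        String[] picked = new String[wanted.length];
        int count = 0;
        for (String candidate : wanted) {
            for (String name : supported) {
                if (candidate.equals(name)) {
                    picked[count++] = candidate;
                    break;
                }
            }
        }
        if (count == 0) {
            // The server has already accepted STARTTLS; failing loudly is
            // safer than continuing on a channel we cannot protect.
            throw new IOException("JSSE provider supports neither TLSv1.2 nor TLSv1.3");
        }
        String[] protocols = new String[count];
        System.arraycopy(picked, 0, protocols, 0, count);
        ss.setEnabledProtocols(protocols);
        ss.setUseClientMode(true);
        ss.startHandshake();
        // Set up streams: from here on all traffic goes through the TLS socket,
        // and the previous plaintext stream wrappers are dropped.
        InputStream is = ss.getInputStream();
        is = new BufferedInputStream(is);
        is = new CRLFInputStream(is);
        in = new LineInputStream(is);
        OutputStream os = ss.getOutputStream();
        os = new BufferedOutputStream(os);
        out = new CRLFOutputStream(os);
        return true;
    } catch (GeneralSecurityException e) {
        return false;
    }
}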
use of gnu.inet.util.LineInputStream in project ats-framework by Axway.
the class InetSmtpConnection method authenticate.
// -- Authentication --
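/**
 * Authenticates the connection using the specified SASL mechanism,
 * username, and password.
 *
 * <p>A client is first requested from the installed SASL providers; if none
 * is returned, the built-in LOGIN, PLAIN and CRAM-MD5 clients are tried.
 * When the negotiated quality of protection is auth-int or auth-conf, the
 * connection streams are re-wrapped in SASL streams after success.
 *
 * <p>LOGIN and PLAIN transmit the password merely base64-encoded, so they
 * should only be used once the connection is protected by TLS.
 *
 * @param mechanism a SASL authentication mechanism, e.g. LOGIN, PLAIN,
 * CRAM-MD5, GSSAPI
 * @param username the authentication principal
 * @param password the authentication credentials
 * @return true if the server answered 235, false if the mechanism is not
 * available, the server rejected the exchange, or a SASL or runtime error
 * occurred
 * @throws IOException if reading from or writing to the connection fails
 */
public boolean authenticate(String mechanism, String username, String password) throws IOException {
    try {
        String[] m = new String[] { mechanism };
        CallbackHandler ch = new SaslCallbackHandler(username, password);
        // Avoid lengthy callback procedure for GNU Crypto
        HashMap<String, String> p = new HashMap<String, String>();
        p.put("gnu.crypto.sasl.username", username);
        p.put("gnu.crypto.sasl.password", password);
        SaslClient sasl = Sasl.createSaslClient(m, null, "smtp", socket.getInetAddress().getHostName(), p, ch);
        if (sasl == null) {
            // Fall back to home-grown SASL clients
            if ("LOGIN".equalsIgnoreCase(mechanism)) {
                sasl = new SaslLogin(username, password);
            } else if ("PLAIN".equalsIgnoreCase(mechanism)) {
                sasl = new SaslPlain(username, password);
            } else if ("CRAM-MD5".equalsIgnoreCase(mechanism)) {
                sasl = new SaslCramMD5(username, password);
            } else {
                return false;
            }
        }
        StringBuilder cmd = new StringBuilder(AUTH);
        cmd.append(' ');
        cmd.append(mechanism);
        if (sasl.hasInitialResponse()) {
            cmd.append(' ');
            byte[] init = sasl.evaluateChallenge(new byte[0]);
            if (init.length == 0) {
                // "=" stands for an empty initial response on the AUTH line.
                cmd.append('=');
            } else {
                cmd.append(new String(BASE64.encode(init), "US-ASCII"));
            }
        }
        // NOTE(review): send() is not visible here. If it traces the command
        // line, an initial response carrying credentials would end up in the
        // log; confirm and redact there as well.
        send(cmd.toString());
        // NOTE(review): the loop runs for as long as the server keeps
        // answering 334; no upper bound on rounds is visible here.
        while (true) {
            switch (getAllResponses()) {
                case 334:
                    try {
                        // presumably getAllResponses() left the challenge text in 'response'
                        byte[] c0 = response.getBytes("US-ASCII");
                        // challenge
                        byte[] c1 = BASE64.decode(c0);
                        byte[] r0 = sasl.evaluateChallenge(c1);
                        // response
                        byte[] r1 = BASE64.encode(r0);
                        out.write(r1);
                        out.write(0x0d);
                        out.flush();
                        // The response is credential material (for LOGIN and PLAIN
                        // it is just the base64 of the user name or password), so
                        // it is kept out of the trace log.
                        log.trace("> [SASL response redacted]");
                    } catch (SaslException e) {
                        // Error in SASL challenge evaluation - cancel exchange
                        out.write(0x2a);
                        out.write(0x0d);
                        out.flush();
                        log.trace("> *");
                    }
                    break;
                case 235:
                    String qop = (String) sasl.getNegotiatedProperty(Sasl.QOP);
                    if ("auth-int".equalsIgnoreCase(qop) || "auth-conf".equalsIgnoreCase(qop)) {
                        // A security layer was negotiated: route all further
                        // traffic through the SASL wrap/unwrap streams.
                        InputStream is = socket.getInputStream();
                        is = new BufferedInputStream(is);
                        is = new SaslInputStream(sasl, is);
                        is = new CRLFInputStream(is);
                        in = new LineInputStream(is);
                        OutputStream os = socket.getOutputStream();
                        os = new BufferedOutputStream(os);
                        os = new SaslOutputStream(sasl, os);
                        out = new CRLFOutputStream(os);
                    }
                    return true;
                default:
                    return false;
            }
        }
    } catch (SaslException e) {
        log.error(e.getMessage(), e);
        // No provider for mechanism
        return false;
    } catch (RuntimeException e) {
        log.error(e.getMessage(), e);
        // No javax.security.sasl classes; note that this also catches any
        // other runtime failure raised during the exchange.
        return false;
    }
}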