Repository: mercurial
Revision: 84
Author: Bill Shannon <bill.shannon_at_sun.com>
Date: 2008-09-12 21:03:36 UTC
Log Message:
-----------
Add mail.imap.starttls.required property to require use of STARTTLS.
Modified Paths:
--------------
doc/release/CHANGES.txt
mail/src/main/java/com/sun/mail/imap/IMAPStore.java
mail/src/main/java/com/sun/mail/imap/package.html
Diffs:
-----
diff -r ed3db1bebae7 -r a1b385acafb3 doc/release/CHANGES.txt
--- a/doc/release/CHANGES.txt Wed Sep 10 15:19:25 2008 -0700
+++ b/doc/release/CHANGES.txt Fri Sep 12 14:03:36 2008 -0700
@@ -30,7 +30,7 @@
GF 3929 Inconsistent synchronization in
com.sun.mail.iap.Protocol
GF 4997 BASE64DecoderStream.skip (etc) skips the wrong number
of octets
GF 5189 Can't specify SSLSocketFactory for STARTTLS in Javamail
1.4
-GF 5861 add mail.smtp.starttls.required property to require use
of STARTTLS
+GF 5861 add mail.<protocol>.starttls.required prop to require
use of STARTTLS
<no id> ignore socket timeout while waiting in IMAP IDLE
<no id> fix bug in MailDateFormat parsing in non-lenient mode
<no id> add mail.mime.multipart.allowempty system property to
handle (illegal)
diff -r ed3db1bebae7 -r a1b385acafb3
mail/src/main/java/com/sun/mail/imap/IMAPStore.java
--- a/mail/src/main/java/com/sun/mail/imap/IMAPStore.java Wed Sep
10 15:19:25 2008 -0700
+++ b/mail/src/main/java/com/sun/mail/imap/IMAPStore.java Fri Sep
12 14:03:36 2008 -0700
@@ -180,6 +180,7 @@
private boolean disableAuthLogin = false; // disable AUTH=LOGIN
private boolean disableAuthPlain = false; // disable AUTH=PLAIN
private boolean enableStartTLS = false; // enable STARTTLS
+ private boolean requireStartTLS = false; // require STARTTLS
private boolean enableSASL = false; // enable SASL
authentication
private String[] saslMechanisms;
private boolean forcePasswordRefresh = false;
@@ -462,6 +463,12 @@
if (debug && enableStartTLS)
out.println("DEBUG: enable STARTTLS");
+ // check if STARTTLS is required
+ requireStartTLS = PropUtil.getBooleanSessionProperty(session,
+ "mail." + name + ".starttls.required", false);
+ if (debug && requireStartTLS)
+ out.println("DEBUG: require STARTTLS");
+
// check if SASL is enabled
enableSASL = PropUtil.getBooleanSessionProperty(session,
"mail." + name + ".sasl.enable", false);
@@ -608,11 +615,18 @@
private void login(IMAPProtocol p, String u, String pw)
throws ProtocolException {
- // turn on TLS if it's been enabled and is supported
- if (enableStartTLS && p.hasCapability("STARTTLS")) {
- p.startTLS();
- // if startTLS succeeds, refresh capabilities
- p.capability();
+ // turn on TLS if it's been enabled or required and is
supported
+ if (enableStartTLS || requireStartTLS) {
+ if (p.hasCapability("STARTTLS")) {
+ p.startTLS();
+ // if startTLS succeeds, refresh capabilities
+ p.capability();
+ } else if (requireStartTLS) {
+ if (debug)
+ out.println("DEBUG: STARTTLS required but not
supported");
+ throw new ProtocolException(
+ "STARTTLS required but not supported by server");
+ }
}
if (p.isAuthenticated())
return; // no need to login
diff -r ed3db1bebae7 -r a1b385acafb3
mail/src/main/java/com/sun/mail/imap/package.html
--- a/mail/src/main/java/com/sun/mail/imap/package.html Wed Sep 10
15:19:25 2008 -0700
+++ b/mail/src/main/java/com/sun/mail/imap/package.html Fri Sep 12
14:03:36 2008 -0700
@@ -236,6 +236,17 @@
trust store must configured so that the client will trust the server's
certificate. This feature only works on J2SE 1.4 and newer systems.
Default is false.</TD>
+</TR>
+
+<TR>
+<TD>mail.imap.starttls.required</TD>
+<TD>boolean</TD>
+<TD>
+If true, requires the use of the <code>STARTTLS</code> command.
+If the server doesn't support the STARTTLS command, or the command
+fails, the connect method will fail.
+Defaults to false.
+</TD>
</TR>
<TR>