#495: enable "*.ssl.checkserveridentity" property for SMTP connections as well, as is it still relevant for opportunistic TLS upgrades.

bbottema · bbottema · commit 270c6173dbb7 · 2024-04-05T15:55:01.000+02:00
diff --git a/modules/core-module/src/main/java/org/simplejavamail/api/mailer/config/TransportStrategy.java b/modules/core-module/src/main/java/org/simplejavamail/api/mailer/config/TransportStrategy.java
@@ -169,11 +169,11 @@ public String propertyNameSSLTrust() {
 		}
 		
 		/**
-		 * @return "mail.smtp.ssl.checkserveridentity"
+		 * @return "mail.smtp.ssl.checkserveridentity", which is only relevant for SMTP + opportunistic TLS
 		 */
 		@Override
 		public String propertyNameCheckServerIdentity() {
-			throw new IllegalStateException("This property is not relevant for plain SMTP");
+			return "mail.smtp.ssl.checkserveridentity";
 		}
 
 		/**
diff --git a/modules/simple-java-mail/src/main/java/org/simplejavamail/mailer/internal/MailerImpl.java b/modules/simple-java-mail/src/main/java/org/simplejavamail/mailer/internal/MailerImpl.java
@@ -239,7 +239,7 @@ static private void configureTrustedHosts(@NotNull final Session session, @NotNu
 	}
 
 	static private void configureServerIdentityVerification(@NotNull final Session session, @NotNull final OperationalConfig operationalConfig, @Nullable final TransportStrategy transportStrategy) {
-		if (transportStrategy != null && transportStrategy != TransportStrategy.SMTP) {
+		if (transportStrategy != null) {
 			session.getProperties().setProperty(transportStrategy.propertyNameCheckServerIdentity(),
 					Boolean.toString(operationalConfig.isVerifyingServerIdentity()));
 		}
diff --git a/modules/simple-java-mail/src/test/java/org/simplejavamail/mailer/MailerTest.java b/modules/simple-java-mail/src/test/java/org/simplejavamail/mailer/MailerTest.java
@@ -87,7 +87,7 @@ public void createMailSession_MinimalConstructor_WithoutConfig() {
 		assertThat(session.getProperty("mail.smtp.starttls.enable")).isEqualTo("true");
 		assertThat(session.getProperty("mail.smtp.starttls.required")).isEqualTo("false");
 		assertThat(session.getProperty("mail.smtp.ssl.trust")).isEqualTo("*");
-		assertThat(session.getProperty("mail.smtp.ssl.checkserveridentity")).isNull();
+		assertThat(session.getProperty("mail.smtp.ssl.checkserveridentity")).isEqualTo("true");
 		
 		assertThat(session.getProperty("mail.smtp.user")).isNull();
 		assertThat(session.getProperty("mail.smtp.auth")).isNull();
@@ -209,7 +209,7 @@ public void createMailSession_MinimalConstructor_WithConfig_OPPORTUNISTIC_TLS()
 		
 		assertThat(session.getProperty("mail.smtp.starttls.enable")).isNull();
 		assertThat(session.getProperty("mail.smtp.starttls.required")).isNull();
-		assertThat(session.getProperty("mail.smtp.ssl.checkserveridentity")).isNull();
+		assertThat(session.getProperty("mail.smtp.ssl.checkserveridentity")).isEqualTo("true");
 		
 		assertThat(session.getProperty("mail.smtp.user")).isEqualTo("username smtp");
 		assertThat(session.getProperty("mail.smtp.auth")).isEqualTo("true");
@@ -239,7 +239,7 @@ public void createMailSession_MinimalConstructor_WithConfig_OPPORTUNISTIC_TLS_Ma
 		assertThat(session.getProperty("mail.smtp.starttls.enable")).isEqualTo("true");
 		assertThat(session.getProperty("mail.smtp.starttls.required")).isEqualTo("false");
 		assertThat(session.getProperty("mail.smtp.ssl.trust")).isEqualTo("*");
-		assertThat(session.getProperty("mail.smtp.ssl.checkserveridentity")).isNull();
+		assertThat(session.getProperty("mail.smtp.ssl.checkserveridentity")).isEqualTo("true");
 		
 		assertThat(session.getProperty("mail.smtp.user")).isEqualTo("username smtp");
 		assertThat(session.getProperty("mail.smtp.auth")).isEqualTo("true");
diff --git a/modules/simple-java-mail/src/test/java/org/simplejavamail/mailer/internal/MailerImplTest.java b/modules/simple-java-mail/src/test/java/org/simplejavamail/mailer/internal/MailerImplTest.java
@@ -45,11 +45,11 @@ public void setup() {
 	public void trustAllHosts_PLAIN() {
 		new MailerImpl(null, SMTP, NO_GOVERNANCE(), createEmptyProxyConfig(), session, createDummyOperationalConfig(EMPTY_LIST, true, false));
 		assertThat(session.getProperties().getProperty("mail.smtp.ssl.trust")).isEqualTo("*");
-		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isNull();
+		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isEqualTo("false");
 		assertThat(session.getProperties().getProperty("mail.smtps.ssl.checkserveridentity")).isNull();
 		new MailerImpl(null, SMTP, NO_GOVERNANCE(), createEmptyProxyConfig(), session, createDummyOperationalConfig(EMPTY_LIST, false, true));
 		assertThat(session.getProperties().getProperty("mail.smtp.ssl.trust")).isNull();
-		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isNull();
+		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isEqualTo("true");
 		assertThat(session.getProperties().getProperty("mail.smtps.ssl.checkserveridentity")).isNull();
 	}
 	
@@ -98,19 +98,19 @@ public void checkForMissingOAuth2Token() {
 	public void trustHosts() {
 		new MailerImpl(null, SMTP, NO_GOVERNANCE(), createEmptyProxyConfig(), session, createDummyOperationalConfig(asList(), false, false));
 		assertThat(session.getProperties().getProperty("mail.smtp.ssl.trust")).isNull();
-		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isNull();
+		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isEqualTo("false");
 		assertThat(session.getProperties().getProperty("mail.smtps.ssl.checkserveridentity")).isNull();
 		new MailerImpl(null, SMTP, NO_GOVERNANCE(), createEmptyProxyConfig(), session, createDummyOperationalConfig(asList("a"), false, false));
 		assertThat(session.getProperties().getProperty("mail.smtp.ssl.trust")).isEqualTo("a");
-		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isNull();
+		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isEqualTo("false");
 		assertThat(session.getProperties().getProperty("mail.smtps.ssl.checkserveridentity")).isNull();
 		new MailerImpl(null, SMTP, NO_GOVERNANCE(), createEmptyProxyConfig(), session, createDummyOperationalConfig(asList("a", "b"), false, false));
 		assertThat(session.getProperties().getProperty("mail.smtp.ssl.trust")).isEqualTo("a b");
-		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isNull();
+		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isEqualTo("false");
 		assertThat(session.getProperties().getProperty("mail.smtps.ssl.checkserveridentity")).isNull();
 		new MailerImpl(null, SMTP, NO_GOVERNANCE(), createEmptyProxyConfig(), session, createDummyOperationalConfig(asList("a", "b", "c"), false, true));
 		assertThat(session.getProperties().getProperty("mail.smtp.ssl.trust")).isEqualTo("a b c");
-		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isNull();
+		assertThat(session.getProperties().getProperty("mail.smtp.ssl.checkserveridentity")).isEqualTo("true");
 		assertThat(session.getProperties().getProperty("mail.smtps.ssl.checkserveridentity")).isNull();
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -169,11 +169,11 @@ public String propertyNameSSLTrust() {`
`169`	`169`	`}`
`170`	`170`
`171`	`171`	`/**`
`172`		`- * @return "mail.smtp.ssl.checkserveridentity"`
	`172`	`+ * @return "mail.smtp.ssl.checkserveridentity", which is only relevant for SMTP + opportunistic TLS`
`173`	`173`	`*/`
`174`	`174`	`@Override`
`175`	`175`	`public String propertyNameCheckServerIdentity() {`
`176`		`- throw new IllegalStateException("This property is not relevant for plain SMTP");`
	`176`	`+ return "mail.smtp.ssl.checkserveridentity";`
`177`	`177`	`}`
`178`	`178`
`179`	`179`	`/**`
Original file line number	Diff line number	Diff line change
`@@ -239,7 +239,7 @@ static private void configureTrustedHosts(@NotNull final Session session, @NotNu`
`239`	`239`	`}`
`240`	`240`
`241`	`241`	`static private void configureServerIdentityVerification(@NotNull final Session session, @NotNull final OperationalConfig operationalConfig, @Nullable final TransportStrategy transportStrategy) {`
`242`		`- if (transportStrategy != null && transportStrategy != TransportStrategy.SMTP) {`
	`242`	`+ if (transportStrategy != null) {`
`243`	`243`	`session.getProperties().setProperty(transportStrategy.propertyNameCheckServerIdentity(),`
`244`	`244`	`Boolean.toString(operationalConfig.isVerifyingServerIdentity()));`
`245`	`245`	`}`