Illegal reflective access by com.sun.mail.util.SocketFetcher eclipse-…

…ee4j#124

Co-authored-by: jmehrens <[email protected]>
Co-authored-by: icu5545 <[email protected]>
Signed-off-by: jmehrens <[email protected]>

providers/angus-mail/src/test/java/org/eclipse/angus/mail/util/SocketFetcherTest.java

@@ -31,12 +31,16 @@
 import java.io.InputStream;
 import java.net.Socket;
 import java.nio.charset.StandardCharsets;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
 import java.util.Base64;
 import java.util.Properties;
 import java.util.concurrent.atomic.AtomicInteger;
 import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLHandshakeException;
 import javax.net.ssl.SSLSession;
+import javax.net.ssl.X509ExtendedTrustManager;
 import org.eclipse.angus.mail.imap.IMAPHandler;
 import org.eclipse.angus.mail.test.TestSSLSocketFactory;
 
@@ -388,6 +392,41 @@ private void testSSLHostnameVerifierClass(String host, String name) throws Excep
         }
     }
 
+    @Test
+    public void testSSLCheckServerIdentityTrustManager() throws Exception {
+        final Properties props = new Properties();
+        props.setProperty("mail.imap.host", "localhost");
+        props.setProperty("mail.imap.ssl.enable", "true");
+
+        MailSSLSocketFactory sf = new MailSSLSocketFactory();
+        sf.setTrustedHosts("localhost");
+        sf.setTrustManagers(new AllowAllX509ExtendedTrustManager());
+        props.put("mail.imap.ssl.socketFactory", sf);
+
+        // don't fall back to non-SSL
+        props.setProperty("mail.imap.socketFactory.fallback", "false");
+        props.setProperty("mail.imap.ssl.checkserveridentity", "true");
+
+
+        TestServer server = null;
+        try {
+            server = new TestServer(new IMAPHandler(), true);
+            server.start();
+
+            props.setProperty("mail.imap.port",
+                    Integer.toString(server.getPort()));
+            final Session session = Session.getInstance(props);
+
+            try (Store store = session.getStore("imap")) {
+                store.connect("test", "test");
+            }
+        } finally {
+            if (server != null) {
+                server.quit();
+            }
+        }
+    }
+
     @Test
     public void testSSLCheckServerIdentityFalse() throws Throwable {
         testSSLCheckServerIdentity("localhost", "false");
@@ -597,6 +636,49 @@ public boolean testProxyUserPassword(String type, String host, String port,
         }
     }
 
+
+    private static final class AllowAllX509ExtendedTrustManager
+            extends X509ExtendedTrustManager {
+
+        AllowAllX509ExtendedTrustManager() {
+        }
+
+        @Override
+        public void checkClientTrusted(X509Certificate[] xcs, String string,
+                Socket socket) throws CertificateException {
+        }
+
+        @Override
+        public void checkServerTrusted(X509Certificate[] xcs, String string,
+                Socket socket) throws CertificateException {
+        }
+
+        @Override
+        public void checkClientTrusted(X509Certificate[] xcs, String string,
+                SSLEngine ssle) throws CertificateException {
+        }
+
+        @Override
+        public void checkServerTrusted(X509Certificate[] xcs, String string,
+                SSLEngine ssle) throws CertificateException {
+        }
+
+        @Override
+        public void checkClientTrusted(X509Certificate[] xcs, String string)
+                throws CertificateException {
+        }
+
+        @Override
+        public void checkServerTrusted(X509Certificate[] xcs, String string)
+                throws CertificateException {
+        }
+
+        @Override
+        public X509Certificate[] getAcceptedIssuers() {
+            return null;
+        }
+    }
+
     public static class TestHostnameVerifier implements HostnameVerifier {
         /*
          * This is based on an assumption that the hostname verifier is instantiated