Illegal reflective access by com.sun.mail.util.SocketFetcher eclipse-…

…ee4j#124 Co-authored-by: jmehrens <[email protected]> Co-authored-by: icu5545 <[email protected]> Signed-off-by: jmehrens <[email protected]>
jmehrens · Feb 10, 2024 · d1f9d11 · d1f9d11
1 parent ff64ec9
commit d1f9d11
Showing 1 changed file with 98 additions and 1 deletion.
diff --git a/providers/angus-mail/src/test/java/org/eclipse/angus/mail/util/SocketFetcherTest.java b/providers/angus-mail/src/test/java/org/eclipse/angus/mail/util/SocketFetcherTest.java
@@ -29,7 +29,6 @@
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.net.InetAddress;
 import java.net.Socket;
 import java.nio.charset.StandardCharsets;
 import java.util.Base64;
@@ -41,6 +40,7 @@
 import org.eclipse.angus.mail.imap.IMAPHandler;
 import org.eclipse.angus.mail.test.TestSSLSocketFactory;
 
+import static org.junit.Assume.assumeTrue;
 import static org.junit.Assert.fail;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
@@ -269,6 +269,91 @@ private void testSSLHostnameVerifierByName() throws Exception {
         }
     }
 
+    @Test
+    public void testSSLHostnameVerifierHostNameCheckerFQCN() throws Exception {
+        try {
+            testSSLHostnameVerifierClass("sun.security.util.HostnameChecker");
+            throw new AssertionError("No exception");
+        } catch (MessagingException me) {
+            Throwable cause = me.getCause();
+            assertTrue(String.valueOf(cause),
+                    cause instanceof IOException);
+            assertTrue(me.toString(), isFromSocketFetcher(me));
+        }
+    }
+
+    @Test
+    public void testSSLHostnameVerifierHostNameChecker() throws Exception {
+        try {
+            testSSLHostnameVerifierClass("HostnameChecker");
+            throw new AssertionError("No exception");
+        } catch (MessagingException me) {
+            Throwable cause = me.getCause();
+            assertTrue(String.valueOf(cause),
+                    cause instanceof IOException);
+            assertTrue(me.toString(), isFromSocketFetcher(me));
+        }
+    }
+
+    @Test
+    public void testSSLHostnameVerifierAny() throws Exception {
+        try {
+            testSSLHostnameVerifierClass("any");
+            throw new AssertionError("No exception");
+        } catch (MessagingException me) {
+            Throwable cause = me.getCause();
+            assertTrue(String.valueOf(cause),
+                    cause instanceof IOException);
+            assertTrue(me.toString(), isFromSocketFetcher(me));
+        }
+    }
+
+    @Test
+    public void testSSLHostnameVerifierMail() throws Exception {
+        try {
+            testSSLHostnameVerifierClass("MailHostnameVerifier");
+            throw new AssertionError("No exception");
+        } catch (MessagingException me) {
+            Throwable cause = me.getCause();
+            assertTrue(String.valueOf(cause),
+                    cause instanceof IOException);
+            assertTrue(me.toString(), isFromSocketFetcher(me));
+        }
+    }
+
+    private void testSSLHostnameVerifierClass(String name) throws Exception {
+        final Properties properties = new Properties();
+        properties.setProperty("mail.imap.host", "localhost");
+        properties.setProperty("mail.imap.ssl.enable", "true");
+
+        TestSSLSocketFactory sf = new TestSSLSocketFactory();
+        properties.put("mail.imap.ssl.socketFactory", sf);
+
+        // don't fall back to non-SSL
+        properties.setProperty("mail.imap.socketFactory.fallback", "false");
+
+        properties.setProperty("mail.imap.ssl.hostnameverifier.class", name);
+        properties.setProperty("mail.imap.ssl.checkserveridentity", "false");
+
+        TestServer server = null;
+        try {
+            server = new TestServer(new IMAPHandler(), true);
+            server.start();
+
+            properties.setProperty("mail.imap.port",
+                    Integer.toString(server.getPort()));
+            final Session session = Session.getInstance(properties);
+
+            try (Store store = session.getStore("imap")) {
+                store.connect("test", "test");
+            }
+        } finally {
+            if (server != null) {
+                server.quit();
+            }
+        }
+    }
+
     @Test
     public void testSSLEndpointIdentityCheckEmptyString() throws Throwable {
         testSSLEndpointIdentityCheck("");
@@ -320,6 +405,18 @@ private boolean isFromTrustManager(Throwable thrown) {
         return false;
     }
 
+    private boolean isFromSocketFetcher(Throwable thrown) {
+        for (Throwable t = thrown; t != null; t = t.getCause()) {
+            for (StackTraceElement s : t.getStackTrace()) {
+                if ("checkServerIdentity".equals(s.getMethodName())
+                        && SocketFetcher.class.getName().equals(s.getClassName())) {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+
 
     private void testSSLEndpointIdentityCheck(String algo) throws Throwable {
         final Properties props = new Properties();