1 /* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.email.mail.transport; 18 19 import com.android.email.Email; 20 import com.android.email.mail.Address; 21 import com.android.email.mail.AuthenticationFailedException; 22 import com.android.email.mail.CertificateValidationException; 23 import com.android.email.mail.MessagingException; 24 import com.android.email.mail.Sender; 25 import com.android.email.mail.Transport; 26 import com.android.email.provider.EmailContent.Message; 27 28 import android.content.Context; 29 import android.util.Config; 30 import android.util.Log; 31 import android.util.Base64; 32 33 import java.io.IOException; 34 import java.net.InetAddress; 35 import java.net.URI; 36 import java.net.URISyntaxException; 37 38 import javax.net.ssl.SSLException; 39 40 /** 41 * This class handles all of the protocol-level aspects of sending messages via SMTP. 42 */ 43 public class SmtpSender extends Sender { 44 45 private final Context mContext; 46 private Transport mTransport; 47 private String mUsername; 48 private String mPassword; 49 50 /** 51 * Static named constructor. 52 */ 53 public static Sender newInstance(Context context, String uri) throws MessagingException { 54 return new SmtpSender(context, uri); 55 } 56 57 /** 58 * Allowed formats for the Uri: 59 * smtp://user:password@server:port 60 * smtp+tls+://user:password@server:port 61 * smtp+tls+trustallcerts://user:password@server:port 62 * smtp+ssl+://user:password@server:port 63 * smtp+ssl+trustallcerts://user:password@server:port 64 * 65 * @param uriString the Uri containing information to configure this sender 66 */ 67 private SmtpSender(Context context, String uriString) throws MessagingException { 68 mContext = context; 69 URI uri; 70 try { 71 uri = new URI(uriString); 72 } catch (URISyntaxException use) { 73 throw new MessagingException("Invalid SmtpTransport URI", use); 74 } 75 76 String scheme = uri.getScheme(); 77 if (scheme == null || !scheme.startsWith("smtp")) { 78 throw new MessagingException("Unsupported protocol"); 79 } 80 // defaults, which can be changed by security modifiers 81 int connectionSecurity = Transport.CONNECTION_SECURITY_NONE; 82 int defaultPort = 587; 83 // check for security modifiers and apply changes 84 if (scheme.contains("+ssl")) { 85 connectionSecurity = Transport.CONNECTION_SECURITY_SSL; 86 defaultPort = 465; 87 } else if (scheme.contains("+tls")) { 88 connectionSecurity = Transport.CONNECTION_SECURITY_TLS; 89 } 90 boolean trustCertificates = scheme.contains("+trustallcerts"); 91 92 mTransport = new MailTransport("SMTP"); 93 mTransport.setUri(uri, defaultPort); 94 mTransport.setSecurity(connectionSecurity, trustCertificates); 95 96 String[] userInfoParts = mTransport.getUserInfoParts(); 97 if (userInfoParts != null) { 98 mUsername = userInfoParts[0]; 99 if (userInfoParts.length > 1) { 100 mPassword = userInfoParts[1]; 101 } 102 } 103 } 104 105 /** 106 * For testing only. Injects a different transport. The transport should already be set 107 * up and ready to use. Do not use for real code. 108 * @param testTransport The Transport to inject and use for all future communication. 109 */ 110 /* package */ void setTransport(Transport testTransport) { 111 mTransport = testTransport; 112 } 113 114 @Override 115 public void open() throws MessagingException { 116 try { 117 mTransport.open(); 118 119 // Eat the banner 120 executeSimpleCommand(null); 121 122 String localHost = "localhost"; 123 // Try to get local address in the X.X.X.X format. 124 InetAddress localAddress = mTransport.getLocalAddress(); 125 if (localAddress != null) { 126 localHost = localAddress.getHostAddress(); 127 } 128 String result = executeSimpleCommand("EHLO " + localHost); 129 130 /* 131 * TODO may need to add code to fall back to HELO I switched it from 132 * using HELO on non STARTTLS connections because of AOL's mail 133 * server. It won't let you use AUTH without EHLO. 134 * We should really be paying more attention to the capabilities 135 * and only attempting auth if it's available, and warning the user 136 * if not. 137 */ 138 if (mTransport.canTryTlsSecurity()) { 139 if (result.contains("-STARTTLS")) { 140 executeSimpleCommand("STARTTLS"); 141 mTransport.reopenTls(); 142 /* 143 * Now resend the EHLO. Required by RFC2487 Sec. 5.2, and more specifically, 144 * Exim. 145 */ 146 result = executeSimpleCommand("EHLO " + localHost); 147 } else { 148 if (Config.LOGD && Email.DEBUG) { 149 Log.d(Email.LOG_TAG, "TLS not supported but required"); 150 } 151 throw new MessagingException(MessagingException.TLS_REQUIRED); 152 } 153 } 154 155 /* 156 * result contains the results of the EHLO in concatenated form 157 */ 158 boolean authLoginSupported = result.matches(".*AUTH.*LOGIN.*$"); 159 boolean authPlainSupported = result.matches(".*AUTH.*PLAIN.*$"); 160 161 if (mUsername != null && mUsername.length() > 0 && mPassword != null 162 && mPassword.length() > 0) { 163 if (authPlainSupported) { 164 saslAuthPlain(mUsername, mPassword); 165 } 166 else if (authLoginSupported) { 167 saslAuthLogin(mUsername, mPassword); 168 } 169 else { 170 if (Config.LOGD && Email.DEBUG) { 171 Log.d(Email.LOG_TAG, "No valid authentication mechanism found."); 172 } 173 throw new MessagingException(MessagingException.AUTH_REQUIRED); 174 } 175 } 176 } catch (SSLException e) { 177 if (Config.LOGD && Email.DEBUG) { 178 Log.d(Email.LOG_TAG, e.toString()); 179 } 180 throw new CertificateValidationException(e.getMessage(), e); 181 } catch (IOException ioe) { 182 if (Config.LOGD && Email.DEBUG) { 183 Log.d(Email.LOG_TAG, ioe.toString()); 184 } 185 throw new MessagingException(MessagingException.IOERROR, ioe.toString()); 186 } 187 } 188 189 @Override 190 public void sendMessage(long messageId) throws MessagingException { 191 close(); 192 open(); 193 194 Message message = Message.restoreMessageWithId(mContext, messageId); 195 if (message == null) { 196 throw new MessagingException("Trying to send non-existent message id=" 197 + Long.toString(messageId)); 198 } 199 Address from = Address.unpackFirst(message.mFrom); 200 Address[] to = Address.unpack(message.mTo); 201 Address[] cc = Address.unpack(message.mCc); 202 Address[] bcc = Address.unpack(message.mBcc); 203 204 try { 205 executeSimpleCommand("MAIL FROM: " + "<" + from.getAddress() + ">"); 206 for (Address address : to) { 207 executeSimpleCommand("RCPT TO: " + "<" + address.getAddress() + ">"); 208 } 209 for (Address address : cc) { 210 executeSimpleCommand("RCPT TO: " + "<" + address.getAddress() + ">"); 211 } 212 for (Address address : bcc) { 213 executeSimpleCommand("RCPT TO: " + "<" + address.getAddress() + ">"); 214 } 215 executeSimpleCommand("DATA"); 216 // TODO byte stuffing 217 Rfc822Output.writeTo(mContext, messageId, 218 new EOLConvertingOutputStream(mTransport.getOutputStream()), true, false); 219 executeSimpleCommand("\r\n."); 220 } catch (IOException ioe) { 221 throw new MessagingException("Unable to send message", ioe); 222 } 223 } 224 225 /** 226 * Close the protocol (and the transport below it). 227 * 228 * MUST NOT return any exceptions. 229 */ 230 @Override 231 public void close() { 232 mTransport.close(); 233 } 234 235 /** 236 * Send a single command and wait for a single response. Handles responses that continue 237 * onto multiple lines. Throws MessagingException if response code is 4xx or 5xx. All traffic 238 * is logged (if debug logging is enabled) so do not use this function for user ID or password. 239 * 240 * @param command The command string to send to the server. 241 * @return Returns the response string from the server. 242 */ 243 private String executeSimpleCommand(String command) throws IOException, MessagingException { 244 return executeSensitiveCommand(command, null); 245 } 246 247 /** 248 * Send a single command and wait for a single response. Handles responses that continue 249 * onto multiple lines. Throws MessagingException if response code is 4xx or 5xx. 250 * 251 * @param command The command string to send to the server. 252 * @param sensitiveReplacement If the command includes sensitive data (e.g. authentication) 253 * please pass a replacement string here (for logging). 254 * @return Returns the response string from the server. 255 */ 256 private String executeSensitiveCommand(String command, String sensitiveReplacement) 257 throws IOException, MessagingException { 258 if (command != null) { 259 mTransport.writeLine(command, sensitiveReplacement); 260 } 261 262 String line = mTransport.readLine(); 263 264 String result = line; 265 266 while (line.length() >= 4 && line.charAt(3) == '-') { 267 line = mTransport.readLine(); 268 result += line.substring(3); 269 } 270 271 if (result.length() > 0) { 272 char c = result.charAt(0); 273 if ((c == '4') || (c == '5')) { 274 throw new MessagingException(result); 275 } 276 } 277 278 return result; 279 } 280 281 282 // C: AUTH LOGIN 283 // S: 334 VXNlcm5hbWU6 284 // C: d2VsZG9u 285 // S: 334 UGFzc3dvcmQ6 286 // C: dzNsZDBu 287 // S: 235 2.0.0 OK Authenticated 288 // 289 // Lines 2-5 of the conversation contain base64-encoded information. The same conversation, with base64 strings decoded, reads: 290 // 291 // 292 // C: AUTH LOGIN 293 // S: 334 Username: 294 // C: weldon 295 // S: 334 Password: 296 // C: w3ld0n 297 // S: 235 2.0.0 OK Authenticated 298 299 private void saslAuthLogin(String username, String password) throws MessagingException, 300 AuthenticationFailedException, IOException { 301 try { 302 executeSimpleCommand("AUTH LOGIN"); 303 executeSensitiveCommand( 304 Base64.encodeToString(username.getBytes(), Base64.NO_WRAP), 305 "/username redacted/"); 306 executeSensitiveCommand( 307 Base64.encodeToString(password.getBytes(), Base64.NO_WRAP), 308 "/password redacted/"); 309 } 310 catch (MessagingException me) { 311 if (me.getMessage().length() > 1 && me.getMessage().charAt(1) == '3') { 312 throw new AuthenticationFailedException(me.getMessage()); 313 } 314 throw me; 315 } 316 } 317 318 private void saslAuthPlain(String username, String password) throws MessagingException, 319 AuthenticationFailedException, IOException { 320 byte[] data = ("\000" + username + "\000" + password).getBytes(); 321 data = Base64.encode(data, Base64.NO_WRAP); 322 try { 323 executeSensitiveCommand("AUTH PLAIN " + new String(data), "AUTH PLAIN /redacted/"); 324 } 325 catch (MessagingException me) { 326 if (me.getMessage().length() > 1 && me.getMessage().charAt(1) == '3') { 327 throw new AuthenticationFailedException(me.getMessage()); 328 } 329 throw me; 330 } 331 } 332 } 333