0.17.2: - betriebsmodus "KONNEKTOR" -> über den konnektor verschlüsselte und signierte mail kann an einen normalen mailserver gesendet werden, NUR für den Test angedacht

Author: basketmc

pom.xml

@@ -10,7 +10,7 @@
     </parent>
     <groupId>net.sberg</groupId>
     <artifactId>openkim</artifactId>
-    <version>0.17.1</version>
+    <version>0.17.2</version>
     <name>openkim</name>
     <description>Open KIM Client Modul</description>
 

src/main/java/net/sberg/openkim/gateway/pop3/cmdhandler/Pop3GatewayRetrCmdHandler.java

@@ -28,6 +28,7 @@
 import net.sberg.openkim.pipeline.operation.mail.CreateDsnOperation;
 import net.sberg.openkim.pipeline.operation.mail.CreateEmbeddedMessageRfc822Operation;
 import net.sberg.openkim.pipeline.operation.mail.DecryptVerifyMailOperation;
+import net.sberg.openkim.pipeline.operation.mail.MailUtils;
 import net.sberg.openkim.pipeline.operation.mail.kas.KasIncomingMailOperation;
 import org.apache.james.protocols.api.Request;
 import org.apache.james.protocols.api.Response;
@@ -110,6 +111,11 @@ private Response doRetr(POP3Session session, Request request) {
         if (session.getHandlerState() == POP3Session.TRANSACTION) {
             try {
                 MimeMessage message = (MimeMessage) pop3GatewaySession.getPop3ClientFolder().getMessage(Integer.parseInt(request.getArgument()));
+
+                if (!MailUtils.checkAddressMapping(logger, message, false)) {
+                    throw new IllegalStateException("error on checking of address mapping");
+                }
+
                 pop3GatewaySession.setGatewayState(EnumPop3GatewayState.PROCESS);
 
                 byte[] pop3msg = null;
@@ -144,7 +150,12 @@ private Response doRetr(POP3Session session, Request request) {
                         message = (MimeMessage) defaultPipelineOperationContext.getEnvironmentValue(KasIncomingMailOperation.NAME, KasIncomingMailOperation.ENV_RESULT_MSG);
                     }
 
-                    pop3msg = decryptVerify(pop3GatewaySession.getLogger(), pop3GatewaySession.getLogger().getDefaultLoggerContext().getMailServerUsername(), message);
+                    String userMailAddress = pop3GatewaySession.getLogger().getDefaultLoggerContext().getMailServerUsername();
+                    if (!logger.getDefaultLoggerContext().getKonfiguration().getGatewayTIMode().equals(EnumGatewayTIMode.FULLSTACK) && logger.getDefaultLoggerContext().getSenderAddressMapping().containsKey(userMailAddress)) {
+                        userMailAddress = logger.getDefaultLoggerContext().getSenderAddressMapping().get(userMailAddress);
+                    }
+
+                    pop3msg = decryptVerify(pop3GatewaySession.getLogger(), userMailAddress, message);
                     if (!logger.getDefaultLoggerContext().getMailSignVerifyErrorContext().isEmpty()) {
 
                         CreateDsnOperation createDsnOperation = (CreateDsnOperation) pipelineService.getOperation(CreateDsnOperation.BUILTIN_VENDOR + "." + CreateDsnOperation.NAME);

src/main/java/net/sberg/openkim/gateway/smtp/cmdhandler/SmtpGatewayRcptCmdHandler.java

@@ -98,9 +98,9 @@ protected Response doCoreCmd(SMTPSession session, String command, String paramet
             }
             else {
                 DefaultLoggerContext loggerContext = ((SmtpGatewaySession) session).getLogger().getDefaultLoggerContext();
-                if (!loggerContext.getRecipientAddresses().contains(recipientAddress.asString().toLowerCase())) {
+                if (!loggerContext.getRecipientAddresses(true).contains(recipientAddress.asString().toLowerCase())) {
                     ((SmtpGatewaySession) session).log("rcpt to: "+recipientAddress.asString().toLowerCase());
-                    loggerContext.getRecipientAddresses().add(recipientAddress.asString().toLowerCase());
+                    loggerContext.getRecipientAddresses(true).add(recipientAddress.asString().toLowerCase());
                 }
             }
         } catch (Exception e) {

src/main/java/net/sberg/openkim/gateway/smtp/hook/SmtpGatewayMailHook.java

@@ -31,6 +31,7 @@
 import net.sberg.openkim.pipeline.operation.DefaultPipelineOperationContext;
 import net.sberg.openkim.pipeline.operation.konnektor.vzd.LoadVzdCertsOperation;
 import net.sberg.openkim.pipeline.operation.mail.CheckSendingMailOperation;
+import net.sberg.openkim.pipeline.operation.mail.MailUtils;
 import net.sberg.openkim.pipeline.operation.mail.SendDsnOperation;
 import net.sberg.openkim.pipeline.operation.mail.SignEncryptMailOperation;
 import net.sberg.openkim.pipeline.operation.mail.kas.KasOutgoingMailOperation;
@@ -191,30 +192,33 @@ public HookResult onMessage(SMTPSession session, MailEnvelope mailEnvelope) {
 
             File tempMailFile = FileUtils.writeToFileDirectory((ByteArrayOutputStream) mailEnvelope.getMessageOutputStream(), "openkim", System.getProperty("java.io.tmpdir"));
             MimeMessage message = new MimeMessage(Session.getInstance(new Properties()), new FileInputStream(tempMailFile));
+            if (!MailUtils.checkAddressMapping(logger, message, true)) {
+                throw new IllegalStateException("error on checking of address mapping");
+            }
             tempMailFile.delete();
 
             String msgContent = null;
             List<IErrorContext> errorContexts = new ArrayList();
             if (!logger.getDefaultLoggerContext().getKonfiguration().getGatewayTIMode().equals(EnumGatewayTIMode.NO_TI)) {
 
                 //check sender
-                List<String> senderAddresses = List.of(logger.getDefaultLoggerContext().getSenderAddress());
+                List<String> senderAddresses = List.of(logger.getDefaultLoggerContext().getSenderAddress(false));
                 if (!checkMailAddresses(smtpGatewaySession, logger.getDefaultLoggerContext().getSenderCerts(), senderAddresses, true, false)) {
                     smtpGatewaySession.getSmtpClient().rset();
                     smtpGatewaySession.log("mail hook ends - error");
                     return HookResult.DENY;
                 }
-                if (logger.getDefaultLoggerContext().getMailaddressCertErrorContext().isError(logger.getDefaultLoggerContext().getSenderAddress())) {
+                if (logger.getDefaultLoggerContext().getMailaddressCertErrorContext().isError(logger.getDefaultLoggerContext().getSenderAddress(false))) {
                     smtpGatewaySession.getSmtpClient().rset();
                     return sendDsn(logger, List.of(logger.getDefaultLoggerContext().getMailaddressCertErrorContext()), message, true);
                 }
-                if (logger.getDefaultLoggerContext().getMailaddressKimVersionErrorContext().isError(logger.getDefaultLoggerContext().getSenderAddress())) {
+                if (logger.getDefaultLoggerContext().getMailaddressKimVersionErrorContext().isError(logger.getDefaultLoggerContext().getSenderAddress(false))) {
                     smtpGatewaySession.getSmtpClient().rset();
                     return sendDsn(logger, List.of(logger.getDefaultLoggerContext().getMailaddressKimVersionErrorContext()), message, true);
                 }
 
                 //check recipients
-                if (!checkMailAddresses(smtpGatewaySession, logger.getDefaultLoggerContext().getRecipientCerts(), logger.getDefaultLoggerContext().getRecipientAddresses(), false, true)) {
+                if (!checkMailAddresses(smtpGatewaySession, logger.getDefaultLoggerContext().getRecipientCerts(), logger.getDefaultLoggerContext().getRecipientAddresses(false), false, true)) {
                     smtpGatewaySession.getSmtpClient().rset();
                     smtpGatewaySession.log("mail hook ends - error");
                     return HookResult.DENY;
@@ -343,7 +347,7 @@ public HookResult onMessage(SMTPSession session, MailEnvelope mailEnvelope) {
             else {
                 //send rcpt to
                 boolean successfulRcptTo = false;
-                for (Iterator<String> iterator = logger.getDefaultLoggerContext().getRecipientAddresses().iterator(); iterator.hasNext(); ) {
+                for (Iterator<String> iterator = logger.getDefaultLoggerContext().getRecipientAddresses(true).iterator(); iterator.hasNext(); ) {
                     String rcptAddress = iterator.next();
                     int res = ((SmtpGatewaySession) session).getSmtpClient().rcpt("<" + rcptAddress + ">");
                     if (!SMTPReply.isPositiveCompletion(res)) {

src/main/java/net/sberg/openkim/log/DefaultLoggerContext.java

@@ -18,11 +18,13 @@
 
 import net.sberg.openkim.common.x509.X509CertificateResult;
 import net.sberg.openkim.fachdienst.Fachdienst;
+import net.sberg.openkim.konfiguration.EnumGatewayTIMode;
 import net.sberg.openkim.konfiguration.Konfiguration;
 import net.sberg.openkim.konnektor.Konnektor;
 import net.sberg.openkim.log.error.*;
 
 import java.util.*;
+import java.util.stream.Collectors;
 
 public class DefaultLoggerContext {
 
@@ -47,10 +49,14 @@ public class DefaultLoggerContext {
     private String mailServerUsername;
     private String mailServerPassword;
     private de.gematik.kim.al.model.AccountLimit accountLimit = new de.gematik.kim.al.model.AccountLimit();
+
     private String senderAddress;
     private Map<String, X509CertificateResult> senderCerts = new HashMap<>();
+    private Map<String, String> senderAddressMapping = new HashMap<>();
+
     private List<String> recipientAddresses = new ArrayList<>();
     private Map<String, X509CertificateResult> recipientCerts = new HashMap<>();
+    private Map<String, Map<String, String>> recipientAddressMapping = new HashMap<>();
 
     private final MailaddressCertErrorContext mailaddressCertErrorContext = new MailaddressCertErrorContext();
     private final MailaddressKimVersionErrorContext mailaddressKimVersionErrorContext = new MailaddressKimVersionErrorContext();
@@ -252,15 +258,35 @@ public String getMailServerPassword() {
         return mailServerPassword;
     }
 
-    public List<String> getRecipientAddresses() { return recipientAddresses; }
-
+    public List<String> getRecipientAddresses(boolean origin) {
+        if (konfiguration.getGatewayTIMode().equals(EnumGatewayTIMode.FULLSTACK)) {
+            return recipientAddresses;
+        }
+        if (origin) {
+            return recipientAddresses;
+        }
+        if (getRecipientAddressMapping().isEmpty()) {
+            return recipientAddresses;
+        }
+        return getRecipientAddressMapping().values().stream().map(stringStringMap -> stringStringMap.values()).flatMap(Collection::stream).collect(Collectors.toList());
+    }
     public Map<String, X509CertificateResult> getRecipientCerts() { return recipientCerts; }
+    public Map<String, Map<String, String>> getRecipientAddressMapping() { return recipientAddressMapping; }
 
-    public String getSenderAddress() {
-        return senderAddress;
+    public String getSenderAddress(boolean origin) {
+        if (konfiguration.getGatewayTIMode().equals(EnumGatewayTIMode.FULLSTACK)) {
+            return senderAddress;
+        }
+        if (origin) {
+            return senderAddress;
+        }
+        if (getSenderAddressMapping().isEmpty()) {
+            return senderAddress;
+        }
+        return getSenderAddressMapping().get(senderAddress);
     }
-
     public Map<String, X509CertificateResult> getSenderCerts() { return senderCerts; }
+    public Map<String, String> getSenderAddressMapping() { return senderAddressMapping; }
 
     public de.gematik.kim.al.model.AccountLimit getAccountLimit() {
         return accountLimit;

src/main/java/net/sberg/openkim/pipeline/operation/mail/CheckSendingMailOperation.java

@@ -72,7 +72,7 @@ public void execute(DefaultPipelineOperationContext defaultPipelineOperationCont
 
             MimeMessage message = (MimeMessage) defaultPipelineOperationContext.getEnvironmentValue(NAME, ENV_MSG);
             List<X509CertificateResult> recipientCerts = new ArrayList<>(logger.getDefaultLoggerContext().getRecipientCerts().values());
-            String senderAddress = logger.getDefaultLoggerContext().getSenderAddress();
+            String senderAddress = logger.getDefaultLoggerContext().getSenderAddress(false);
 
             if (message.getFrom() == null || message.getFrom().length == 0) {
                 logger.logLine("no from header available for senderAddress: " + senderAddress);

src/main/java/net/sberg/openkim/pipeline/operation/mail/ComposeEncryptedMailOperation.java

@@ -135,6 +135,14 @@ public void execute(DefaultPipelineOperationContext defaultPipelineOperationCont
                 resultMsg.addHeader(MailUtils.X_OPENKIM_TEST_ID, openkimTestId);
             }
 
+            //check on openkim test message -> addressmapping
+            String addressMapping = (originMimeMessage.getHeader(MailUtils.X_OPENKIM_ADDRESS_MAPPING) != null && originMimeMessage.getHeader(MailUtils.X_OPENKIM_ADDRESS_MAPPING).length > 0)
+                    ? originMimeMessage.getHeader(MailUtils.X_OPENKIM_ADDRESS_MAPPING)[0]
+                    : null;
+            if (addressMapping != null) {
+                resultMsg.addHeader(MailUtils.X_OPENKIM_ADDRESS_MAPPING, addressMapping);
+            }
+
             resultMsg.addHeader(MailUtils.X_KIM_DIENSTKENNUNG, dienstkennung);
             resultMsg = MailUtils.setRecipients(logger, recipientCerts, originMimeMessage, resultMsg, Message.RecipientType.TO);
             resultMsg = MailUtils.setRecipients(logger, recipientCerts, originMimeMessage, resultMsg, Message.RecipientType.CC);

src/main/java/net/sberg/openkim/pipeline/operation/mail/MailUtils.java

@@ -138,6 +138,77 @@ public static final MimeMessage setRecipients(
         return resultMessage;
     }
 
+    public static final boolean checkAddressMapping(DefaultLogger logger, MimeMessage msg, boolean sendingMode) throws Exception {
+        try {
+            logger.logLine("checkAddressMapping");
+            String addressMappingStr = (msg.getHeader(MailUtils.X_OPENKIM_ADDRESS_MAPPING) != null && msg.getHeader(MailUtils.X_OPENKIM_ADDRESS_MAPPING).length > 0)
+                ? msg.getHeader(MailUtils.X_OPENKIM_ADDRESS_MAPPING)[0]
+                : null;
+            if (addressMappingStr == null) {
+                logger.logLine("checkAddressMapping finished - no mappings available");
+                return true;
+            }
+            //to|kim-test@sberg.net=uschi@web.de,from|basketmc@gmail.com=uschi@yahoo.de
+            String[] mappings = addressMappingStr.split(",");
+            for (int i = 0; i < mappings.length; i++) {
+                String recOrSender = mappings[i].split("\\|")[0].toLowerCase();
+                String mapping = mappings[i].split("\\|")[1];
+                String source = mapping.split("=")[0].toLowerCase();
+                String target = mapping.split("=")[1].toLowerCase();
+                if (!recOrSender.equals(FROM.toLowerCase())
+                    &&
+                    !recOrSender.equals(TO.toLowerCase())
+                    &&
+                    !recOrSender.equals(CC.toLowerCase())
+                    &&
+                    !recOrSender.equals(BCC.toLowerCase())
+                ) {
+                    throw new IllegalStateException("falsches Format");
+                }
+
+                if (recOrSender.equals(FROM.toLowerCase())) {
+                    logger.getDefaultLoggerContext().getSenderAddressMapping().put(source, target);
+                }
+                else {
+                    if (!logger.getDefaultLoggerContext().getRecipientAddressMapping().containsKey(recOrSender)) {
+                        logger.getDefaultLoggerContext().getRecipientAddressMapping().put(recOrSender, new HashMap<>());
+                    }
+                    logger.getDefaultLoggerContext().getRecipientAddressMapping().get(recOrSender).put(source, target);
+                }
+            }
+
+            if (sendingMode) {
+                String from = msg.getFrom()[0].toString().toLowerCase();
+                if (logger.getDefaultLoggerContext().getSenderAddressMapping().containsKey(from)) {
+                    msg.setFrom(logger.getDefaultLoggerContext().getSenderAddressMapping().get(from));
+                }
+
+                List<Message.RecipientType> types = List.of(Message.RecipientType.TO, Message.RecipientType.CC, Message.RecipientType.BCC);
+                for (Iterator<Message.RecipientType> iterator = types.iterator(); iterator.hasNext(); ) {
+                    Message.RecipientType type = iterator.next();
+                    Address[] addresses = msg.getRecipients(type);
+                    if (addresses != null && logger.getDefaultLoggerContext().getRecipientAddressMapping().containsKey(type.toString().toLowerCase())) {
+                        msg.removeHeader(type.toString().toLowerCase());
+                        for (int i = 0; i < addresses.length; i++) {
+                            if (logger.getDefaultLoggerContext().getRecipientAddressMapping().get(type.toString().toLowerCase()).containsKey(addresses[i].toString().toLowerCase())) {
+                                msg.addRecipient(type, new InternetAddress(logger.getDefaultLoggerContext().getRecipientAddressMapping().get(type.toString().toLowerCase()).get(addresses[i].toString().toLowerCase())));
+                            } else {
+                                msg.addRecipient(type, addresses[i]);
+                            }
+                        }
+                    }
+                }
+            }
+
+            return true;
+        }
+        catch (Exception e) {
+            log.error("error on checkAddressMapping", e);
+            logger.logLine("error on checkAddressMapping");
+            throw e;
+        }
+    }
+
     public static final boolean checkHeader(DefaultLogger logger, Konnektor konnektor, MimeMessage encryptedMsg, MimeMessage decryptedAndVerifiedMsg, String headerName) throws Exception {
         try {
             logger.logLine("check header: " + headerName);
@@ -298,7 +369,7 @@ public static final Session createPop3ClientSession(
             authMethod,
             host,
             port,
-                pop3ClientIdleTimeoutInSeconds * 1000
+            pop3ClientIdleTimeoutInSeconds * 1000
         );
 
         if (createSSLSocketFactory) {

src/main/java/net/sberg/openkim/pipeline/operation/mail/SendDsnOperation.java

@@ -177,7 +177,7 @@ else if (errorContext instanceof MailaddressKimVersionErrorContext) {
 
             mimeMessage = DsnHelper.createMessage(
                 originMessage,
-                logger.getDefaultLoggerContext().getSenderAddress(),
+                logger.getDefaultLoggerContext().getSenderAddress(false),
                 contentBuilder.toString(),
                 "",
                 "",
@@ -212,8 +212,8 @@ else if (errorContext instanceof MailaddressKimVersionErrorContext) {
             logger.logLine("dsn sending - smtp auth: " + res);
             if (res) {
                 String content = byteArrayOutputStream.toString();
-                String[] recs = new String[]{logger.getDefaultLoggerContext().getSenderAddress()};
-                res = client.sendSimpleMessage(logger.getDefaultLoggerContext().getSenderAddress(), recs, content);
+                String[] recs = new String[]{logger.getDefaultLoggerContext().getSenderAddress(false)};
+                res = client.sendSimpleMessage(logger.getDefaultLoggerContext().getSenderAddress(false), recs, content);
                 logger.logLine("dsn sending - smtp sent: " + res);
             }