midi-smtp-server 2.3.3

data/lib/midi-smtp-server/exceptions.rb

@@ -0,0 +1,301 @@
+# frozen_string_literal: true
+
+# A small and highly customizable ruby SMTP-Server.
+module MidiSmtpServer
+
+  private
+
+  # special internal exception to signal timeout
+  # while waiting for incoming data line
+  class SmtpdIOTimeoutException < RuntimeError
+  end
+
+  # special internal exception to signal buffer size exceedance
+  # while waiting for incoming data line
+  class SmtpdIOBufferOverrunException < RuntimeError
+  end
+
+  # special internal exception to signal service stop
+  # without creating a fatal error message
+  class SmtpdStopServiceException < RuntimeError
+  end
+
+  # special internal exception to signal connection stop while
+  # server shutdown without creating a fatal error message
+  class SmtpdStopConnectionException < RuntimeError
+  end
+
+  public
+
+  # generic smtp server exception class
+  class SmtpdException < RuntimeError
+
+    attr_reader :smtpd_return_code
+    attr_reader :smtpd_return_text
+
+    def initialize(msg, smtpd_return_code, smtpd_return_text)
+      # save reference for smtp dialog
+      @smtpd_return_code = smtpd_return_code
+      @smtpd_return_text = smtpd_return_text
+      # call inherited constructor
+      super msg
+    end
+
+    def smtpd_result
+      return "#{@smtpd_return_code} #{@smtpd_return_text}"
+    end
+
+  end
+
+  # 421 <domain> Service not available, closing transmission channel
+  class Smtpd421Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 421, 'Service too busy or not available, closing transmission channel'
+    end
+
+  end
+
+  # 450 Requested mail action not taken: mailbox unavailable
+  #     e.g. mailbox busy
+  class Smtpd450Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 450, 'Requested mail action not taken: mailbox unavailable'
+    end
+
+  end
+
+  # 451 Requested action aborted: local error in processing
+  class Smtpd451Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 451, 'Requested action aborted: local error in processing'
+    end
+
+  end
+
+  # 452 Requested action not taken: insufficient system storage
+  class Smtpd452Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 452, 'Requested action not taken: insufficient system storage'
+    end
+
+  end
+
+  # 500 Syntax error, command unrecognised or error in parameters or arguments.
+  #     This may include errors such as command line too long
+  class Smtpd500Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 500, 'Syntax error, command unrecognised or error in parameters or arguments'
+    end
+
+  end
+
+  # 501 Syntax error in parameters or arguments
+  class Smtpd501Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 501, 'Syntax error in parameters or arguments'
+    end
+
+  end
+
+  # 502 Command not implemented
+  class Smtpd502Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 502, 'Command not implemented'
+    end
+
+  end
+
+  # 503 Bad sequence of commands
+  class Smtpd503Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 503, 'Bad sequence of commands'
+    end
+
+  end
+
+  # 504 Command parameter not implemented
+  class Smtpd504Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 504, 'Command parameter not implemented'
+    end
+
+  end
+
+  # 521 <domain> does not accept mail [rfc1846]
+  class Smtpd521Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 521, 'Service does not accept mail'
+    end
+
+  end
+
+  # 550 Requested action not taken: mailbox unavailable
+  #     e.g. mailbox not found, no access
+  class Smtpd550Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 550, 'Requested action not taken: mailbox unavailable'
+    end
+
+  end
+
+  # 552 Requested mail action aborted: exceeded storage allocation
+  class Smtpd552Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 552, 'Requested mail action aborted: exceeded storage allocation'
+    end
+
+  end
+
+  # 553 Requested action not taken: mailbox name not allowed
+  class Smtpd553Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 553, 'Requested action not taken: mailbox name not allowed'
+    end
+
+  end
+
+  # 554 Transaction failed
+  class Smtpd554Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 554, 'Transaction failed'
+    end
+
+  end
+
+  # Status when using authentication
+
+  # 432 Password transition is needed
+  class Smtpd432Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 432, 'Password transition is needed'
+    end
+
+  end
+
+  # 454 Temporary authentication failure
+  class Smtpd454Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 454, 'Temporary authentication failure'
+    end
+
+  end
+
+  # 530 Authentication required
+  class Smtpd530Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 530, 'Authentication required'
+    end
+
+  end
+
+  # 534 Authentication mechanism is too weak
+  class Smtpd534Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 534, 'Authentication mechanism is too weak'
+    end
+
+  end
+
+  # 535 Authentication credentials invalid
+  class Smtpd535Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 535, 'Authentication credentials invalid'
+    end
+
+  end
+
+  # 538 Encryption required for requested authentication mechanism
+  class Smtpd538Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 538, 'Encryption required for requested authentication mechanism'
+    end
+
+  end
+
+  # Status when using encryption
+
+  # 454 TLS not available
+  class Tls454Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 454, 'TLS not available'
+    end
+
+  end
+
+  # 530 Encryption required
+  class Tls530Exception < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 530, 'Encryption required, must issue STARTTLS command first'
+    end
+
+  end
+
+  # Status when disabled PIPELINING
+
+  # 500 Bad input, no PIPELINING
+  class Smtpd500PipeliningException < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 500, 'Bad input, PIPELINING is not allowed'
+    end
+
+  end
+
+  # Status when expeting CRLF sequence as line breaks (RFC(2)822)
+
+  # 500 Bad input, missing CRLF line termination
+  class Smtpd500CrLfSequenceException < SmtpdException
+
+    def initialize(msg = nil)
+      # call inherited constructor
+      super msg, 500, 'Bad input, Lines must be terminated by CRLF sequence'
+    end
+
+  end
+
+end

data/lib/midi-smtp-server/tls-transport.rb

@@ -0,0 +1,92 @@
+# frozen_string_literal: true
+
+require 'resolv'
+
+# A small and highly customizable ruby SMTP-Server.
+module MidiSmtpServer
+
+  # Encryption modes
+  ENCRYPT_MODES = [:TLS_FORBIDDEN, :TLS_OPTIONAL, :TLS_REQUIRED].freeze
+  DEFAULT_ENCRYPT_MODE = :TLS_FORBIDDEN
+
+  # Encryption ciphers and methods
+  # check https://www.owasp.org/index.php/TLS_Cipher_String_Cheat_Sheet
+  TLS_CIPHERS_ADVANCED_PLUS = 'DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256'
+  TLS_CIPHERS_ADVANCED      = (TLS_CIPHERS_ADVANCED_PLUS + ':DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256')
+  TLS_CIPHERS_BROAD_COMP    = (TLS_CIPHERS_ADVANCED + ':ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA')
+  TLS_CIPHERS_WIDEST_COMP   = (TLS_CIPHERS_ADVANCED + ':ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA')
+  TLS_CIPHERS_LEGACY        = (TLS_CIPHERS_ADVANCED + ':ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA')
+  TLS_METHODS_ADVANCED      = 'TLSv1_2'
+  TLS_METHODS_LEGACY        = 'TLSv1_1'
+
+  # class for TlsTransport
+  class TlsTransport
+
+    def initialize(cert_path, key_path, ciphers, methods, cert_cn, cert_san, logger)
+      # if need to debug something while working with openssl
+      # OpenSSL::debug = true
+
+      # save references
+      @logger = logger
+      @cert_path = cert_path.to_s == '' ? nil : cert_path.strip
+      @key_path = key_path.to_s == '' ? nil : key_path.strip
+      # create SSL context
+      @ctx = OpenSSL::SSL::SSLContext.new
+      @ctx.ciphers = ciphers.to_s == '' ? TLS_CIPHERS_ADVANCED_PLUS : ciphers
+      @ctx.ssl_version = methods.to_s == '' ? TLS_METHODS_ADVANCED : methods
+      # check cert_path and key_path
+      if !@cert_path.nil? || !@key_path.nil?
+        # if any is set, test the pathes
+        raise "File \”#{@cert_path}\" does not exist or is not a regular file. Could not load certificate." unless File.file?(@cert_path.to_s)
+        raise "File \”#{@key_path}\" does not exist or is not a regular file. Could not load private key." unless File.file?(@key_path.to_s)
+        # try to load certificate and key
+        @ctx.cert = OpenSSL::X509::Certificate.new(File.open(@cert_path.to_s))
+        @ctx.key = OpenSSL::PKey::RSA.new(File.open(@key_path.to_s))
+      else
+        # if none cert_path was set, create a self signed test certificate
+        # and try to setup common subject and subject alt name(s) for cert
+        @cert_cn = cert_cn.to_s.strip
+        @cert_san = ([@cert_cn] + (cert_san.nil? ? [] : cert_san)).uniq
+        # as well as IP Address extension entries for subject alt name(s) if ipv4 or ipv6 address
+        @cert_san_ip = []
+        @cert_san.each { |san| @cert_san_ip << san if san =~ Resolv::IPv4::Regex || san =~ Resolv::IPv6::Regex }
+        # initialize self certificate and key
+        logger.debug("SSL: using self generated test certificate! CN=#{@cert_cn} SAN=[#{@cert_san.join(',')}]")
+        @ctx.key = OpenSSL::PKey::RSA.new 4096
+        @ctx.cert = OpenSSL::X509::Certificate.new
+        @ctx.cert.version = 2
+        @ctx.cert.serial = 1
+        # the subject and the issuer are identical only for test certificate
+        @ctx.cert.subject = OpenSSL::X509::Name.new [['CN', @cert_cn]]
+        @ctx.cert.issuer = @ctx.cert.subject
+        @ctx.cert.public_key = @ctx.key
+        # valid for 90 days
+        @ctx.cert.not_before = Time.now
+        @ctx.cert.not_after = Time.now + 60 * 60 * 24 * 90
+        # setup some cert extensions
+        @ef = OpenSSL::X509::ExtensionFactory.new
+        @ef.subject_certificate = @ctx.cert
+        @ef.issuer_certificate = @ctx.cert
+        @ctx.cert.add_extension(@ef.create_extension('basicConstraints', 'CA:FALSE', false))
+        @ctx.cert.add_extension(@ef.create_extension('keyUsage', 'digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment', false))
+        @ctx.cert.add_extension(@ef.create_extension('subjectAltName', (@cert_san.map { |san| "DNS:#{san}" } + @cert_san_ip.map { |ip| "IP:#{ip}" }).join(', '), false))
+        @ctx.cert.sign @ctx.key, OpenSSL::Digest::SHA256.new
+        logger.debug("SSL: generated test certificate\r\n#{@ctx.cert.to_text}")
+      end
+    end
+
+    # start ssl connection over existing tcpserver socket
+    def start(io)
+      # start SSL negotiation
+      ssl = OpenSSL::SSL::SSLSocket.new(io, @ctx)
+      # connect to server socket
+      ssl.accept
+      # make sure to close also the underlying io
+      ssl.sync_close = true
+      # return as new io socket
+      return ssl
+    end
+
+  end
+
+end

data/lib/midi-smtp-server/version.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+# A small and highly customizable ruby SMTP-Server.
+module MidiSmtpServer
+
+  module VERSION
+
+    MAJOR = 2
+    MINOR = 3
+    TINY = 3
+
+    STRING = [MAJOR, MINOR, TINY].compact.join('.')
+
+    DATE = '2022-02-12'
+
+  end
+
+end