hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3491 from luchua-bc/java-insecure-smtp-ssl

Browse Source 
Java: CWE-297 insecure JavaMail SSL configuration
This commit is contained in:
Anders Schack-Mulligen
2020-06-10 11:02:50 +02:00
committed by GitHub
parent 06066f0c5b 1fd9c7fdec
commit 4b3ca13f25
17 changed files with 2783 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
java/ql/src/experimental/Security/CWE/CWE-297/InsecureJavaMail.qhelp Normal file
View File

@@ -0,0 +1,30 @@
<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>JavaMail is commonly used in Java applications to send emails. There are popular third-party libraries like Apache Commons Email which are built on JavaMail and facilitate integration. Authenticated mail sessions require user credentials and mail sessions can require SSL/TLS authentication. It is a common security vulnerability that host-specific certificate data is not validated or is incorrectly validated. Failing to validate the certificate makes the SSL session susceptible to a man-in-the-middle attack.</p>
<p>This query checks whether SSL certificate is validated when username/password is sent in authenticator and when SSL is enabled.</p>
<p>The query has code for both plain JavaMail invocation and mailing through Apache SimpleMail to make it more comprehensive.</p>
</overview>
<recommendation>
<p>Validate SSL certificate when sensitive information is sent in email communications.</p>
</recommendation>
<example>
<p>The following two examples show two ways of configuring secure emails through JavaMail or Apache SimpleMail. In the 'BAD' case,
credentials are sent in an SSL session without certificate validation. In the 'GOOD' case, the certificate is validated.</p>
<sample src="JavaMail.java" />
<sample src="SimpleMail.java" />
</example>
<references>
<li>
<a href="https://cwe.mitre.org/data/definitions/297.html">CWE-297</a>
<a href="https://issues.apache.org/jira/browse/LOG4J2-2819">Add support for specifying an SSL configuration for SmtpAppender (CVE-2020-9488)</a>
<a href="https://rules.sonarsource.com/java/tag/owasp/RSPEC-4499">SMTP SSL connection should check server identity</a>
</li>
</references>
</qhelp>

103
java/ql/src/experimental/Security/CWE/CWE-297/InsecureJavaMail.ql Normal file
View File

@@ -0,0 +1,103 @@
/**
* @id java/insecure-smtp-ssl
* @name Insecure JavaMail SSL Configuration
* @description Java application configured to use authenticated mail session over SSL does not validate the SSL certificate to properly ensure that it is actually associated with that host.
* @kind problem
* @tags security
* external/cwe-297
*/
import java
/**
* The method to set Java properties
*/
class SetPropertyMethod extends Method {
SetPropertyMethod() {
this.hasName("setProperty") and
this.getDeclaringType().hasQualifiedName("java.util", "Properties")
or
this.hasName("put") and
this.getDeclaringType().getASourceSupertype*().hasQualifiedName("java.util", "Dictionary")
}
}
/**
* The insecure way to set Java properties in mail sessions.
* 1. Set the mail.smtp.auth property to provide the SMTP Transport with a username and password when connecting to the SMTP server or
* set the mail.smtp.ssl.socketFactory/mail.smtp.ssl.socketFactory.class property to create an SMTP SSL socket.
* 2. No mail.smtp.ssl.checkserveridentity property is enabled.
*/
predicate isInsecureMailPropertyConfig(VarAccess propertiesVarAccess) {
exists(MethodAccess ma |
ma.getMethod() instanceof SetPropertyMethod and
ma.getQualifier() = propertiesVarAccess.getVariable().getAnAccess() and
(
getStringValue(ma.getArgument(0)).matches("%.auth%") and //mail.smtp.auth
getStringValue(ma.getArgument(1)) = "true"
or
getStringValue(ma.getArgument(0)).matches("%.socketFactory%") //mail.smtp.socketFactory or mail.smtp.socketFactory.class
)
) and
not exists(MethodAccess ma |
ma.getMethod() instanceof SetPropertyMethod and
ma.getQualifier() = propertiesVarAccess.getVariable().getAnAccess() and
(
getStringValue(ma.getArgument(0)).matches("%.ssl.checkserveridentity%") and //mail.smtp.ssl.checkserveridentity
getStringValue(ma.getArgument(1)) = "true"
)
)
}
/**
* Helper method to get string value of an argument
*/
string getStringValue(Expr expr) {
result = expr.(CompileTimeConstantExpr).getStringValue()
or
result = getStringValue(expr.(AddExpr).getLeftOperand())
or
result = getStringValue(expr.(AddExpr).getRightOperand())
}
/**
* The JavaMail session class `javax.mail.Session`
*/
class MailSession extends RefType {
MailSession() { this.hasQualifiedName("javax.mail", "Session") }
}
/**
* The class of Apache SimpleMail
*/
class SimpleMail extends RefType {
SimpleMail() { this.hasQualifiedName("org.apache.commons.mail", "SimpleEmail") }
}
/**
* Has TLS/SSL enabled with SimpleMail
*/
predicate enableTLSWithSimpleMail(MethodAccess ma) {
ma.getMethod().hasName("setSSLOnConnect") and
ma.getArgument(0).(BooleanLiteral).getBooleanValue() = true
}
/**
* Has no certificate check
*/
predicate hasNoCertCheckWithSimpleMail(VarAccess va) {
not exists(MethodAccess ma |
ma.getQualifier() = va.getVariable().getAnAccess() and
ma.getMethod().hasName("setSSLCheckServerIdentity") and
ma.getArgument(0).(BooleanLiteral).getBooleanValue() = true
)
}
from MethodAccess ma
where
ma.getMethod().getDeclaringType() instanceof MailSession and
ma.getMethod().getName() = "getInstance" and
isInsecureMailPropertyConfig(ma.getArgument(0))
or
enableTLSWithSimpleMail(ma) and hasNoCertCheckWithSimpleMail(ma.getQualifier())
select ma, "Java mailing has insecure SSL configuration"

43
java/ql/src/experimental/Security/CWE/CWE-297/JavaMail.java Normal file
View File

@@ -0,0 +1,43 @@
import java.util.Properties;
import javax.activation.DataSource;
import javax.mail.Authenticator;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import org.apache.logging.log4j.util.PropertiesUtil;
class JavaMail {
public static void main(String[] args) {
// BAD: Don't have server certificate check
{
final Properties properties = PropertiesUtil.getSystemProperties();
properties.put("mail.transport.protocol", "protocol");
properties.put("mail.smtp.host", "hostname");
properties.put("mail.smtp.socketFactory.class", "classname");
final Authenticator authenticator = buildAuthenticator("username", "password");
if (null != authenticator) {
properties.put("mail.smtp.auth", "true");
}
final Session session = Session.getInstance(properties, authenticator);
}
// GOOD: Have server certificate check
{
final Properties properties = PropertiesUtil.getSystemProperties();
properties.put("mail.transport.protocol", "protocol");
properties.put("mail.smtp.host", "hostname");
properties.put("mail.smtp.socketFactory.class", "classname");
final Authenticator authenticator = buildAuthenticator("username", "password");
if (null != authenticator) {
properties.put("mail.smtp.auth", "true");
properties.put("mail.smtp.ssl.checkserveridentity", "true");
}
final Session session = Session.getInstance(properties, authenticator);
}
}
}

40
java/ql/src/experimental/Security/CWE/CWE-297/SimpleMail.java Normal file
View File

@@ -0,0 +1,40 @@
import org.apache.commons.mail.DefaultAuthenticator;
import org.apache.commons.mail.Email;
import org.apache.commons.mail.EmailException;
import org.apache.commons.mail.SimpleEmail;
class SimpleMail {
public static void main(String[] args) throws EmailException {
// BAD: Don't have setSSLCheckServerIdentity set or set as false
{
Email email = new SimpleEmail();
email.setHostName("hostName");
email.setSmtpPort(25);
email.setAuthenticator(new DefaultAuthenticator("username", "password"));
email.setSSLOnConnect(true);
//email.setSSLCheckServerIdentity(false);
email.setFrom("fromAddress");
email.setSubject("subject");
email.setMsg("body");
email.addTo("toAddress");
email.send();
}
// GOOD: Have setSSLCheckServerIdentity set to true
{
Email email = new SimpleEmail();
email.setHostName("hostName");
email.setSmtpPort(25);
email.setAuthenticator(new DefaultAuthenticator("username", "password"));
email.setSSLOnConnect(true);
email.setSSLCheckServerIdentity(true);
email.setFrom("fromAddress");
email.setSubject("subject");
email.setMsg("body");
email.addTo("toAddress");
email.send();
}
}
}

2
java/ql/test/experimental/query-tests/security/CWE-297/InsecureJavaMail.expected Normal file
View File

@@ -0,0 +1,2 @@
| InsecureJavaMail.java:29:27:29:72 | getInstance(...) | Java mailing has insecure SSL configuration |
| InsecureJavaMail.java:37:3:37:29 | setSSLOnConnect(...) | Java mailing has insecure SSL configuration |

45
java/ql/test/experimental/query-tests/security/CWE-297/InsecureJavaMail.java Normal file
View File

@@ -0,0 +1,45 @@
import java.util.Properties;
import javax.mail.Authenticator;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import org.apache.commons.mail.DefaultAuthenticator;
import org.apache.commons.mail.Email;
import org.apache.commons.mail.SimpleEmail;
import java.util.Properties;
class InsecureJavaMail {
public void testJavaMail() {
final Properties properties = new Properties();
properties.put("mail.transport.protocol", "protocol");
properties.put("mail.smtp.host", "hostname");
properties.put("mail.smtp.socketFactory.class", "classname");
final javax.mail.Authenticator authenticator = new javax.mail.Authenticator() {
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("username", "password");
}
};
if (null != authenticator) {
properties.put("mail.smtp.auth", "true");
// properties.put("mail.smtp.ssl.checkserveridentity", "true");
}
final Session session = Session.getInstance(properties, authenticator);
}
public void testSimpleMail() {
Email email = new SimpleEmail();
email.setHostName("config.hostName");
email.setSmtpPort(25);
email.setAuthenticator(new DefaultAuthenticator("config.username", "config.password"));
email.setSSLOnConnect(true);
// email.setSSLCheckServerIdentity(true);
email.setFrom("fromAddress");
email.setSubject("subject");
email.setMsg("body");
email.addTo("toAddress");
email.send();
}
}

1
java/ql/test/experimental/query-tests/security/CWE-297/InsecureJavaMail.qlref Normal file
View File

@@ -0,0 +1 @@
experimental/Security/CWE/CWE-297/InsecureJavaMail.ql

1
java/ql/test/experimental/query-tests/security/CWE-297/options Normal file
View File

@@ -0,0 +1 @@
// semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/apache-commons-email-1.6.0:${testdir}/../../../../stubs/javamail-api-1.6.2

202
java/ql/test/stubs/apache-commons-email-1.6.0/LICENSE.txt Normal file
View File

@@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

58
java/ql/test/stubs/apache-commons-email-1.6.0/org/apache/commons/mail/DefaultAuthenticator.java Normal file
View File

@@ -0,0 +1,58 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.commons.mail;
import javax.mail.Authenticator;
import javax.mail.PasswordAuthentication;
/**
* This is a very simple authentication object that can be used for any
* transport needing basic userName and password type authentication.
*
* @since 1.0
*/
public class DefaultAuthenticator extends Authenticator
{
/** Stores the login information for authentication. */
private final PasswordAuthentication authentication;
/**
* Default constructor.
*
* @param userName user name to use when authentication is requested
* @param password password to use when authentication is requested
* @since 1.0
*/
public DefaultAuthenticator(final String userName, final String password)
{
this.authentication = new PasswordAuthentication(userName, password);
}
/**
* Gets the authentication object that will be used to login to the mail
* server.
*
* @return A {@code PasswordAuthentication} object containing the
* login information.
* @since 1.0
*/
@Override
protected PasswordAuthentication getPasswordAuthentication()
{
return this.authentication;
}
}

805
java/ql/test/stubs/apache-commons-email-1.6.0/org/apache/commons/mail/Email.java Normal file
View File

@@ -0,0 +1,805 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.commons.mail;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.mail.Authenticator;
/**
* The base class for all email messages. This class sets the sender's email
* &amp; name, receiver's email &amp; name, subject, and the sent date.
* <p>
* Subclasses are responsible for setting the message body.
*
* @since 1.0
*/
public abstract class Email {
/**
* Sets the userName and password if authentication is needed. If this method is
* not used, no authentication will be performed.
* <p>
* This method will create a new instance of {@code DefaultAuthenticator} using
* the supplied parameters.
*
* @param userName User name for the SMTP server
* @param password password for the SMTP server
* @see DefaultAuthenticator
* @see #setAuthenticator
* @since 1.0
*/
public void setAuthentication(final String userName, final String password) {
}
/**
* Sets the {@code Authenticator} to be used when authentication is requested
* from the mail server.
* <p>
* This method should be used when your outgoing mail server requires
* authentication. Your mail server must also support RFC2554.
*
* @param newAuthenticator the {@code Authenticator} object.
* @see Authenticator
* @since 1.0
*/
public void setAuthenticator(final Authenticator newAuthenticator) {
}
/**
* Set the hostname of the outgoing mail server.
*
* @param aHostName aHostName
* @throws IllegalStateException if the mail session is already initialized
* @since 1.0
*/
public void setHostName(final String aHostName) {
}
/**
* Set or disable the STARTTLS encryption. Please see EMAIL-105 for the reasons
* of deprecation.
*
* @deprecated since 1.3, use setStartTLSEnabled() instead
* @param withTLS true if STARTTLS requested, false otherwise
* @since 1.1
*/
@Deprecated
public void setTLS(final boolean withTLS) {
}
/**
* Set or disable the STARTTLS encryption.
*
* @param startTlsEnabled true if STARTTLS requested, false otherwise
* @return An Email.
* @throws IllegalStateException if the mail session is already initialized
* @since 1.3
*/
public Email setStartTLSEnabled(final boolean startTlsEnabled) {
return null;
}
/**
* Set or disable the required STARTTLS encryption.
* <p>
* Defaults to {@link #smtpPort}; can be overridden by using
* {@link #setSmtpPort(int)}
*
* @param startTlsRequired true if STARTTLS requested, false otherwise
* @return An Email.
* @throws IllegalStateException if the mail session is already initialized
* @since 1.3
*/
public Email setStartTLSRequired(final boolean startTlsRequired) {
return null;
}
/**
* Set the non-SSL port number of the outgoing mail server.
*
* @param aPortNumber aPortNumber
* @throws IllegalArgumentException if the port number is &lt; 1
* @throws IllegalStateException if the mail session is already initialized
* @since 1.0
* @see #setSslSmtpPort(String)
*/
public void setSmtpPort(final int aPortNumber) {
}
/**
* Set the FROM field of the email to use the specified address. The email
* address will also be used as the personal name. The name will be encoded by
* the charset of {@link #setCharset(java.lang.String) setCharset()}. If it is
* not set, it will be encoded using the Java platform's default charset
* (UTF-16) if it contains non-ASCII characters; otherwise, it is used as is.
*
* @param email A String.
* @return An Email.
* @throws EmailException Indicates an invalid email address.
* @since 1.0
*/
public Email setFrom(final String email) throws EmailException {
return null;
}
/**
* Set the FROM field of the email to use the specified address and the
* specified personal name. The name will be encoded by the charset of
* {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it will
* be encoded using the Java platform's default charset (UTF-16) if it contains
* non-ASCII characters; otherwise, it is used as is.
*
* @param email A String.
* @param name A String.
* @return An Email.
* @throws EmailException Indicates an invalid email address.
* @since 1.0
*/
public Email setFrom(final String email, final String name) throws EmailException {
return null;
}
/**
* Set the FROM field of the email to use the specified address, personal name,
* and charset encoding for the name.
*
* @param email A String.
* @param name A String.
* @param charset The charset to encode the name with.
* @return An Email.
* @throws EmailException Indicates an invalid email address or charset.
* @since 1.1
*/
public Email setFrom(final String email, final String name, final String charset) throws EmailException {
return null;
}
/**
* Add a recipient TO to the email. The email address will also be used as the
* personal name. The name will be encoded by the charset of
* {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it will
* be encoded using the Java platform's default charset (UTF-16) if it contains
* non-ASCII characters; otherwise, it is used as is.
*
* @param email A String.
* @return An Email.
* @throws EmailException Indicates an invalid email address.
* @since 1.0
*/
public Email addTo(final String email) throws EmailException {
return null;
}
/**
* Add a list of TO recipients to the email. The email addresses will also be
* used as the personal names. The names will be encoded by the charset of
* {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it will
* be encoded using the Java platform's default charset (UTF-16) if it contains
* non-ASCII characters; otherwise, it is used as is.
*
* @param emails A String array.
* @return An Email.
* @throws EmailException Indicates an invalid email address.
* @since 1.3
*/
public Email addTo(final String... emails) throws EmailException {
return null;
}
/**
* Add a recipient TO to the email using the specified address and the specified
* personal name. The name will be encoded by the charset of
* {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it will
* be encoded using the Java platform's default charset (UTF-16) if it contains
* non-ASCII characters; otherwise, it is used as is.
*
* @param email A String.
* @param name A String.
* @return An Email.
* @throws EmailException Indicates an invalid email address.
* @since 1.0
*/
public Email addTo(final String email, final String name) throws EmailException {
return null;
}
/**
* Add a recipient TO to the email using the specified address, personal name,
* and charset encoding for the name.
*
* @param email A String.
* @param name A String.
* @param charset The charset to encode the name with.
* @return An Email.
* @throws EmailException Indicates an invalid email address or charset.
* @since 1.1
*/
public Email addTo(final String email, final String name, final String charset) throws EmailException {
return null;
}
/**
* Add a recipient CC to the email. The email address will also be used as the
* personal name. The name will be encoded by the charset of
* {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it will
* be encoded using the Java platform's default charset (UTF-16) if it contains
* non-ASCII characters; otherwise, it is used as is.
*
* @param email A String.
* @return An Email.
* @throws EmailException Indicates an invalid email address.
* @since 1.0
*/
public Email addCc(final String email) throws EmailException {
return null;
}
/**
* Add an array of CC recipients to the email. The email addresses will also be
* used as the personal name. The names will be encoded by the charset of
* {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it will
* be encoded using the Java platform's default charset (UTF-16) if it contains
* non-ASCII characters; otherwise, it is used as is.
*
* @param emails A String array.
* @return An Email.
* @throws EmailException Indicates an invalid email address.
* @since 1.3
*/
public Email addCc(final String... emails) throws EmailException {
return null;
}
/**
* Add a recipient CC to the email using the specified address and the specified
* personal name. The name will be encoded by the charset of
* {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it will
* be encoded using the Java platform's default charset (UTF-16) if it contains
* non-ASCII characters; otherwise, it is used as is.
*
* @param email A String.
* @param name A String.
* @return An Email.
* @throws EmailException Indicates an invalid email address.
* @since 1.0
*/
public Email addCc(final String email, final String name) throws EmailException {
return null;
}
/**
* Add a recipient CC to the email using the specified address, personal name,
* and charset encoding for the name.
*
* @param email A String.
* @param name A String.
* @param charset The charset to encode the name with.
* @return An Email.
* @throws EmailException Indicates an invalid email address or charset.
* @since 1.1
*/
public Email addCc(final String email, final String name, final String charset) throws EmailException {
return null;
}
/**
* Add a blind BCC recipient to the email. The email address will also be used
* as the personal name. The name will be encoded by the charset of
* {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it will
* be encoded using the Java platform's default charset (UTF-16) if it contains
* non-ASCII characters; otherwise, it is used as is.
*
* @param email A String.
* @return An Email.
* @throws EmailException Indicates an invalid email address
* @since 1.0
*/
public Email addBcc(final String email) throws EmailException {
return null;
}
/**
* Add an array of blind BCC recipients to the email. The email addresses will
* also be used as the personal name. The names will be encoded by the charset
* of {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it
* will be encoded using the Java platform's default charset (UTF-16) if it
* contains non-ASCII characters; otherwise, it is used as is.
*
* @param emails A String array.
* @return An Email.
* @throws EmailException Indicates an invalid email address
* @since 1.3
*/
public Email addBcc(final String... emails) throws EmailException {
return null;
}
/**
* Add a blind BCC recipient to the email using the specified address and the
* specified personal name. The name will be encoded by the charset of
* {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it will
* be encoded using the Java platform's default charset (UTF-16) if it contains
* non-ASCII characters; otherwise, it is used as is.
*
* @param email A String.
* @param name A String.
* @return An Email.
* @throws EmailException Indicates an invalid email address
* @since 1.0
*/
public Email addBcc(final String email, final String name) throws EmailException {
return null;
}
/**
* Add a blind BCC recipient to the email using the specified address, personal
* name, and charset encoding for the name.
*
* @param email A String.
* @param name A String.
* @param charset The charset to encode the name with.
* @return An Email.
* @throws EmailException Indicates an invalid email address
* @since 1.1
*/
public Email addBcc(final String email, final String name, final String charset) throws EmailException {
return null;
}
/**
* Add a reply to address to the email. The email address will also be used as
* the personal name. The name will be encoded by the charset of
* {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it will
* be encoded using the Java platform's default charset (UTF-16) if it contains
* non-ASCII characters; otherwise, it is used as is.
*
* @param email A String.
* @return An Email.
* @throws EmailException Indicates an invalid email address
* @since 1.0
*/
public Email addReplyTo(final String email) throws EmailException {
return null;
}
/**
* Add a reply to address to the email using the specified address and the
* specified personal name. The name will be encoded by the charset of
* {@link #setCharset(java.lang.String) setCharset()}. If it is not set, it will
* be encoded using the Java platform's default charset (UTF-16) if it contains
* non-ASCII characters; otherwise, it is used as is.
*
* @param email A String.
* @param name A String.
* @return An Email.
* @throws EmailException Indicates an invalid email address
* @since 1.0
*/
public Email addReplyTo(final String email, final String name) throws EmailException {
return null;
}
/**
* Add a reply to address to the email using the specified address, personal
* name, and charset encoding for the name.
*
* @param email A String.
* @param name A String.
* @param charset The charset to encode the name with.
* @return An Email.
* @throws EmailException Indicates an invalid email address or charset.
* @since 1.1
*/
public Email addReplyTo(final String email, final String name, final String charset) throws EmailException {
return null;
}
/**
* Used to specify the mail headers. Example:
*
* X-Mailer: Sendmail, X-Priority: 1( highest ) or 2( high ) 3( normal ) 4( low
* ) and 5( lowest ) Disposition-Notification-To: user@domain.net
*
* @param map A Map.
* @throws IllegalArgumentException if either of the provided header / value is
* null or empty
* @since 1.0
*/
public void setHeaders(final Map<String, String> map) {
}
/**
* Adds a header ( name, value ) to the headers Map.
*
* @param name A String with the name.
* @param value A String with the value.
* @since 1.0
* @throws IllegalArgumentException if either {@code name} or {@code value} is
* null or empty
*/
public void addHeader(final String name, final String value) {
}
/**
* Gets the specified header.
*
* @param header A string with the header.
* @return The value of the header, or null if no such header.
* @since 1.5
*/
public String getHeader(final String header) {
return null;
}
/**
* Gets all headers on an Email.
*
* @return a Map of all headers.
* @since 1.5
*/
public Map<String, String> getHeaders() {
return null;
}
/**
* Sets the email subject. Replaces end-of-line characters with spaces.
*
* @param aSubject A String.
* @return An Email.
* @since 1.0
*/
public Email setSubject(final String aSubject) {
return null;
}
/**
* Gets the "bounce address" of this email.
*
* @return the bounce address as string
* @since 1.4
*/
public String getBounceAddress() {
return null;
}
/**
* Set the "bounce address" - the address to which undeliverable messages will
* be returned. If this value is never set, then the message will be sent to the
* address specified with the System property "mail.smtp.from", or if that value
* is not set, then to the "from" address.
*
* @param email A String.
* @return An Email.
* @throws IllegalStateException if the mail session is already initialized
* @since 1.0
*/
public Email setBounceAddress(final String email) {
return null;
}
/**
* Define the content of the mail. It should be overridden by the subclasses.
*
* @param msg A String.
* @return An Email.
* @throws EmailException generic exception.
* @since 1.0
*/
public abstract Email setMsg(String msg) throws EmailException;
/**
* Does the work of actually building the MimeMessage. Please note that a user
* rarely calls this method directly and only if he/she is interested in the
* sending the underlying MimeMessage without commons-email.
*
* @throws IllegalStateException if the MimeMessage was already built
* @throws EmailException if there was an error.
* @since 1.0
*/
public void buildMimeMessage() throws EmailException {
}
/**
* Sends the previously created MimeMessage to the SMTP server.
*
* @return the message id of the underlying MimeMessage
* @throws IllegalArgumentException if the MimeMessage has not been created
* @throws EmailException the sending failed
*/
public String sendMimeMessage() throws EmailException {
return null;
}
/**
* Sends the email. Internally we build a MimeMessage which is afterwards sent
* to the SMTP server.
*
* @return the message id of the underlying MimeMessage
* @throws IllegalStateException if the MimeMessage was already built, ie
* {@link #buildMimeMessage()} was already called
* @throws EmailException the sending failed
*/
public String send() throws EmailException {
return null;
}
/**
* Sets the sent date for the email. The sent date will default to the current
* date if not explicitly set.
*
* @param date Date to use as the sent date on the email
* @since 1.0
*/
public void setSentDate(final Date date) {
}
/**
* Gets the sent date for the email.
*
* @return date to be used as the sent date for the email
* @since 1.0
*/
public Date getSentDate() {
return null;
}
/**
* Gets the subject of the email.
*
* @return email subject
*/
public String getSubject() {
return null;
}
/**
* Gets the host name of the SMTP server,
*
* @return host name
*/
public String getHostName() {
return null;
}
/**
* Gets the listening port of the SMTP server.
*
* @return smtp port
*/
public String getSmtpPort() {
return null;
}
/**
* Gets whether the client is configured to require STARTTLS.
*
* @return true if using STARTTLS for authentication, false otherwise
* @since 1.3
*/
public boolean isStartTLSRequired() {
return false;
}
/**
* Gets whether the client is configured to try to enable STARTTLS.
*
* @return true if using STARTTLS for authentication, false otherwise
* @since 1.3
*/
public boolean isStartTLSEnabled() {
return false;
}
/**
* Gets whether the client is configured to try to enable STARTTLS. See
* EMAIL-105 for reason of deprecation.
*
* @deprecated since 1.3, use isStartTLSEnabled() instead
* @return true if using STARTTLS for authentication, false otherwise
* @since 1.1
*/
@Deprecated
public boolean isTLS() {
return false;
}
/**
* Set details regarding "pop3 before smtp" authentication.
*
* @param newPopBeforeSmtp Whether or not to log into pop3 server before sending
* mail.
* @param newPopHost The pop3 host to use.
* @param newPopUsername The pop3 username.
* @param newPopPassword The pop3 password.
* @since 1.0
*/
public void setPopBeforeSmtp(final boolean newPopBeforeSmtp, final String newPopHost, final String newPopUsername,
final String newPopPassword) {
}
/**
* Returns whether SSL/TLS encryption for the transport is currently enabled
* (SMTPS/POPS). See EMAIL-105 for reason of deprecation.
*
* @deprecated since 1.3, use isSSLOnConnect() instead
* @return true if SSL enabled for the transport
*/
@Deprecated
public boolean isSSL() {
return false;
}
/**
* Returns whether SSL/TLS encryption for the transport is currently enabled
* (SMTPS/POPS).
*
* @return true if SSL enabled for the transport
* @since 1.3
*/
public boolean isSSLOnConnect() {
return false;
}
/**
* Sets whether SSL/TLS encryption should be enabled for the SMTP transport upon
* connection (SMTPS/POPS). See EMAIL-105 for reason of deprecation.
*
* @deprecated since 1.3, use setSSLOnConnect() instead
* @param ssl whether to enable the SSL transport
*/
@Deprecated
public void setSSL(final boolean ssl) {
}
/**
* Sets whether SSL/TLS encryption should be enabled for the SMTP transport upon
* connection (SMTPS/POPS). Takes precedence over
* {@link #setStartTLSRequired(boolean)}
* <p>
* Defaults to {@link #sslSmtpPort}; can be overridden by using
* {@link #setSslSmtpPort(String)}
*
* @param ssl whether to enable the SSL transport
* @return An Email.
* @throws IllegalStateException if the mail session is already initialized
* @since 1.3
*/
public Email setSSLOnConnect(final boolean ssl) {
return null;
}
/**
* Is the server identity checked as specified by RFC 2595
*
* @return true if the server identity is checked
* @since 1.3
*/
public boolean isSSLCheckServerIdentity() {
return false;
}
/**
* Sets whether the server identity is checked as specified by RFC 2595
*
* @param sslCheckServerIdentity whether to enable server identity check
* @return An Email.
* @throws IllegalStateException if the mail session is already initialized
* @since 1.3
*/
public Email setSSLCheckServerIdentity(final boolean sslCheckServerIdentity) {
return null;
}
/**
* Returns the current SSL port used by the SMTP transport.
*
* @return the current SSL port used by the SMTP transport
*/
public String getSslSmtpPort() {
return null;
}
/**
* Sets the SSL port to use for the SMTP transport. Defaults to the standard
* port, 465.
*
* @param sslSmtpPort the SSL port to use for the SMTP transport
* @throws IllegalStateException if the mail session is already initialized
* @see #setSmtpPort(int)
*/
public void setSslSmtpPort(final String sslSmtpPort) {
}
/**
* If partial sending of email enabled.
*
* @return true if sending partial email is enabled
* @since 1.3.2
*/
public boolean isSendPartial() {
return false;
}
/**
* Sets whether the email is partially send in case of invalid addresses.
* <p>
* In case the mail server rejects an address as invalid, the call to
* {@link #send()} may throw a {@link javax.mail.SendFailedException}, even if
* partial send mode is enabled (emails to valid addresses will be transmitted).
* In case the email server does not reject invalid addresses immediately, but
* return a bounce message, no exception will be thrown by the {@link #send()}
* method.
*
* @param sendPartial whether to enable partial send mode
* @return An Email.
* @throws IllegalStateException if the mail session is already initialized
* @since 1.3.2
*/
public Email setSendPartial(final boolean sendPartial) {
return null;
}
/**
* Get the socket connection timeout value in milliseconds.
*
* @return the timeout in milliseconds.
* @since 1.2
*/
public int getSocketConnectionTimeout() {
return -1;
}
/**
* Set the socket connection timeout value in milliseconds. Default is a 60
* second timeout.
*
* @param socketConnectionTimeout the connection timeout
* @throws IllegalStateException if the mail session is already initialized
* @since 1.2
*/
public void setSocketConnectionTimeout(final int socketConnectionTimeout) {
}
/**
* Get the socket I/O timeout value in milliseconds.
*
* @return the socket I/O timeout
* @since 1.2
*/
public int getSocketTimeout() {
return -1;
}
/**
* Set the socket I/O timeout value in milliseconds. Default is 60 second
* timeout.
*
* @param socketTimeout the socket I/O timeout
* @throws IllegalStateException if the mail session is already initialized
* @since 1.2
*/
public void setSocketTimeout(final int socketTimeout) {
}
}

101
java/ql/test/stubs/apache-commons-email-1.6.0/org/apache/commons/mail/EmailException.java Normal file
View File

@@ -0,0 +1,101 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.commons.mail;
import java.io.PrintStream;
import java.io.PrintWriter;
/**
* Exception thrown when a checked error occurs in commons-email.
* <p>
* Adapted from FunctorException in Commons Collections.
* <p>
* Emulation support for nested exceptions has been removed in
* {@code Email 1.3}, supported by JDK &ge; 1.4.
*
* @since 1.0
*/
public class EmailException extends Exception {
/**
* Constructs a new {@code EmailException} with no detail message.
*/
public EmailException() {
super();
}
/**
* Constructs a new {@code EmailException} with specified detail message.
*
* @param msg the error message.
*/
public EmailException(final String msg) {
super(msg);
}
/**
* Constructs a new {@code EmailException} with specified nested
* {@code Throwable} root cause.
*
* @param rootCause the exception or error that caused this exception to be
* thrown.
*/
public EmailException(final Throwable rootCause) {
super(rootCause);
}
/**
* Constructs a new {@code EmailException} with specified detail message and
* nested {@code Throwable} root cause.
*
* @param msg the error message.
* @param rootCause the exception or error that caused this exception to be
* thrown.
*/
public EmailException(final String msg, final Throwable rootCause) {
super(msg, rootCause);
}
/**
* Prints the stack trace of this exception to the standard error stream.
*/
@Override
public void printStackTrace() {
printStackTrace(System.err);
}
/**
* Prints the stack trace of this exception to the specified stream.
*
* @param out the {@code PrintStream} to use for output
*/
@Override
public void printStackTrace(final PrintStream out) {
}
/**
* Prints the stack trace of this exception to the specified writer.
*
* @param out the {@code PrintWriter} to use for output
*/
@Override
public void printStackTrace(final PrintWriter out) {
synchronized (out) {
super.printStackTrace(out);
}
}
}

41
java/ql/test/stubs/apache-commons-email-1.6.0/org/apache/commons/mail/SimpleEmail.java Normal file
View File

@@ -0,0 +1,41 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.commons.mail;
/**
* This class is used to send simple internet email messages without
* attachments.
*
* @since 1.0
*/
public class SimpleEmail extends Email
{
/**
* Set the content of the mail.
*
* @param msg A String.
* @return An Email.
* @throws EmailException see javax.mail.internet.MimeBodyPart
* for definitions
* @since 1.0
*/
@Override
public Email setMsg(final String msg) throws EmailException
{
return null;
}
}

759
java/ql/test/stubs/javamail-api-1.6.2/LICENSE.txt Normal file
View File

@@ -0,0 +1,759 @@
COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.1
1. Definitions.
1.1. "Contributor" means each individual or entity that creates or
contributes to the creation of Modifications.
1.2. "Contributor Version" means the combination of the Original
Software, prior Modifications used by a Contributor (if any), and
the Modifications made by that particular Contributor.
1.3. "Covered Software" means (a) the Original Software, or (b)
Modifications, or (c) the combination of files containing Original
Software with files containing Modifications, in each case including
portions thereof.
1.4. "Executable" means the Covered Software in any form other than
Source Code.
1.5. "Initial Developer" means the individual or entity that first
makes Original Software available under this License.
1.6. "Larger Work" means a work which combines Covered Software or
portions thereof with code not governed by the terms of this License.
1.7. "License" means this document.
1.8. "Licensable" means having the right to grant, to the maximum
extent possible, whether at the time of the initial grant or
subsequently acquired, any and all of the rights conveyed herein.
1.9. "Modifications" means the Source Code and Executable form of
any of the following:
A. Any file that results from an addition to, deletion from or
modification of the contents of a file containing Original Software
or previous Modifications;
B. Any new file that contains any part of the Original Software or
previous Modification; or
C. Any new file that is contributed or otherwise made available
under the terms of this License.
1.10. "Original Software" means the Source Code and Executable form
of computer software code that is originally released under this
License.
1.11. "Patent Claims" means any patent claim(s), now owned or
hereafter acquired, including without limitation, method, process,
and apparatus claims, in any patent Licensable by grantor.
1.12. "Source Code" means (a) the common form of computer software
code in which modifications are made and (b) associated
documentation included in or with such code.
1.13. "You" (or "Your") means an individual or a legal entity
exercising rights under, and complying with all of the terms of,
this License. For legal entities, "You" includes any entity which
controls, is controlled by, or is under common control with You. For
purposes of this definition, "control" means (a) the power, direct
or indirect, to cause the direction or management of such entity,
whether by contract or otherwise, or (b) ownership of more than
fifty percent (50%) of the outstanding shares or beneficial
ownership of such entity.
2. License Grants.
2.1. The Initial Developer Grant.
Conditioned upon Your compliance with Section 3.1 below and subject
to third party intellectual property claims, the Initial Developer
hereby grants You a world-wide, royalty-free, non-exclusive license:
(a) under intellectual property rights (other than patent or
trademark) Licensable by Initial Developer, to use, reproduce,
modify, display, perform, sublicense and distribute the Original
Software (or portions thereof), with or without Modifications,
and/or as part of a Larger Work; and
(b) under Patent Claims infringed by the making, using or selling of
Original Software, to make, have made, use, practice, sell, and
offer for sale, and/or otherwise dispose of the Original Software
(or portions thereof).
(c) The licenses granted in Sections 2.1(a) and (b) are effective on
the date Initial Developer first distributes or otherwise makes the
Original Software available to a third party under the terms of this
License.
(d) Notwithstanding Section 2.1(b) above, no patent license is
granted: (1) for code that You delete from the Original Software, or
(2) for infringements caused by: (i) the modification of the
Original Software, or (ii) the combination of the Original Software
with other software or devices.
2.2. Contributor Grant.
Conditioned upon Your compliance with Section 3.1 below and subject
to third party intellectual property claims, each Contributor hereby
grants You a world-wide, royalty-free, non-exclusive license:
(a) under intellectual property rights (other than patent or
trademark) Licensable by Contributor to use, reproduce, modify,
display, perform, sublicense and distribute the Modifications
created by such Contributor (or portions thereof), either on an
unmodified basis, with other Modifications, as Covered Software
and/or as part of a Larger Work; and
(b) under Patent Claims infringed by the making, using, or selling
of Modifications made by that Contributor either alone and/or in
combination with its Contributor Version (or portions of such
combination), to make, use, sell, offer for sale, have made, and/or
otherwise dispose of: (1) Modifications made by that Contributor (or
portions thereof); and (2) the combination of Modifications made by
that Contributor with its Contributor Version (or portions of such
combination).
(c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective
on the date Contributor first distributes or otherwise makes the
Modifications available to a third party.
(d) Notwithstanding Section 2.2(b) above, no patent license is
granted: (1) for any code that Contributor has deleted from the
Contributor Version; (2) for infringements caused by: (i) third
party modifications of Contributor Version, or (ii) the combination
of Modifications made by that Contributor with other software
(except as part of the Contributor Version) or other devices; or (3)
under Patent Claims infringed by Covered Software in the absence of
Modifications made by that Contributor.
3. Distribution Obligations.
3.1. Availability of Source Code.
Any Covered Software that You distribute or otherwise make available
in Executable form must also be made available in Source Code form
and that Source Code form must be distributed only under the terms
of this License. You must include a copy of this License with every
copy of the Source Code form of the Covered Software You distribute
or otherwise make available. You must inform recipients of any such
Covered Software in Executable form as to how they can obtain such
Covered Software in Source Code form in a reasonable manner on or
through a medium customarily used for software exchange.
3.2. Modifications.
The Modifications that You create or to which You contribute are
governed by the terms of this License. You represent that You
believe Your Modifications are Your original creation(s) and/or You
have sufficient rights to grant the rights conveyed by this License.
3.3. Required Notices.
You must include a notice in each of Your Modifications that
identifies You as the Contributor of the Modification. You may not
remove or alter any copyright, patent or trademark notices contained
within the Covered Software, or any notices of licensing or any
descriptive text giving attribution to any Contributor or the
Initial Developer.
3.4. Application of Additional Terms.
You may not offer or impose any terms on any Covered Software in
Source Code form that alters or restricts the applicable version of
this License or the recipients' rights hereunder. You may choose to
offer, and to charge a fee for, warranty, support, indemnity or
liability obligations to one or more recipients of Covered Software.
However, you may do so only on Your own behalf, and not on behalf of
the Initial Developer or any Contributor. You must make it
absolutely clear that any such warranty, support, indemnity or
liability obligation is offered by You alone, and You hereby agree
to indemnify the Initial Developer and every Contributor for any
liability incurred by the Initial Developer or such Contributor as a
result of warranty, support, indemnity or liability terms You offer.
3.5. Distribution of Executable Versions.
You may distribute the Executable form of the Covered Software under
the terms of this License or under the terms of a license of Your
choice, which may contain terms different from this License,
provided that You are in compliance with the terms of this License
and that the license for the Executable form does not attempt to
limit or alter the recipient's rights in the Source Code form from
the rights set forth in this License. If You distribute the Covered
Software in Executable form under a different license, You must make
it absolutely clear that any terms which differ from this License
are offered by You alone, not by the Initial Developer or
Contributor. You hereby agree to indemnify the Initial Developer and
every Contributor for any liability incurred by the Initial
Developer or such Contributor as a result of any such terms You offer.
3.6. Larger Works.
You may create a Larger Work by combining Covered Software with
other code not governed by the terms of this License and distribute
the Larger Work as a single product. In such a case, You must make
sure the requirements of this License are fulfilled for the Covered
Software.
4. Versions of the License.
4.1. New Versions.
Oracle is the initial license steward and may publish revised and/or
new versions of this License from time to time. Each version will be
given a distinguishing version number. Except as provided in Section
4.3, no one other than the license steward has the right to modify
this License.
4.2. Effect of New Versions.
You may always continue to use, distribute or otherwise make the
Covered Software available under the terms of the version of the
License under which You originally received the Covered Software. If
the Initial Developer includes a notice in the Original Software
prohibiting it from being distributed or otherwise made available
under any subsequent version of the License, You must distribute and
make the Covered Software available under the terms of the version
of the License under which You originally received the Covered
Software. Otherwise, You may also choose to use, distribute or
otherwise make the Covered Software available under the terms of any
subsequent version of the License published by the license steward.
4.3. Modified Versions.
When You are an Initial Developer and You want to create a new
license for Your Original Software, You may create and use a
modified version of this License if You: (a) rename the license and
remove any references to the name of the license steward (except to
note that the license differs from this License); and (b) otherwise
make it clear that the license contains terms which differ from this
License.
5. DISCLAIMER OF WARRANTY.
COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,
INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE
IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR
NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF
THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE
DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY
OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING,
REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN
ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS
AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER.
6. TERMINATION.
6.1. This License and the rights granted hereunder will terminate
automatically if You fail to comply with terms herein and fail to
cure such breach within 30 days of becoming aware of the breach.
Provisions which, by their nature, must remain in effect beyond the
termination of this License shall survive.
6.2. If You assert a patent infringement claim (excluding
declaratory judgment actions) against Initial Developer or a
Contributor (the Initial Developer or Contributor against whom You
assert such claim is referred to as "Participant") alleging that the
Participant Software (meaning the Contributor Version where the
Participant is a Contributor or the Original Software where the
Participant is the Initial Developer) directly or indirectly
infringes any patent, then any and all rights granted directly or
indirectly to You by such Participant, the Initial Developer (if the
Initial Developer is not the Participant) and all Contributors under
Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice
from Participant terminate prospectively and automatically at the
expiration of such 60 day notice period, unless if within such 60
day period You withdraw Your claim with respect to the Participant
Software against such Participant either unilaterally or pursuant to
a written agreement with Participant.
6.3. If You assert a patent infringement claim against Participant
alleging that the Participant Software directly or indirectly
infringes any patent where such claim is resolved (such as by
license or settlement) prior to the initiation of patent
infringement litigation, then the reasonable value of the licenses
granted by such Participant under Sections 2.1 or 2.2 shall be taken
into account in determining the amount or value of any payment or
license.
6.4. In the event of termination under Sections 6.1 or 6.2 above,
all end user licenses that have been validly granted by You or any
distributor hereunder prior to termination (excluding licenses
granted to You by any distributor) shall survive termination.
7. LIMITATION OF LIABILITY.
UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT
(INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE
INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF
COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE
TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR
CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT
LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER
FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR
LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE
POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT
APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH
PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH
LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR
LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION
AND LIMITATION MAY NOT APPLY TO YOU.
8. U.S. GOVERNMENT END USERS.
The Covered Software is a "commercial item," as that term is defined
in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer
software" (as that term is defined at 48 C.F.R. <20>
252.227-7014(a)(1)) and "commercial computer software documentation"
as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent
with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4
(June 1995), all U.S. Government End Users acquire Covered Software
with only those rights set forth herein. This U.S. Government Rights
clause is in lieu of, and supersedes, any other FAR, DFAR, or other
clause or provision that addresses Government rights in computer
software under this License.
9. MISCELLANEOUS.
This License represents the complete agreement concerning subject
matter hereof. If any provision of this License is held to be
unenforceable, such provision shall be reformed only to the extent
necessary to make it enforceable. This License shall be governed by
the law of the jurisdiction specified in a notice contained within
the Original Software (except to the extent applicable law, if any,
provides otherwise), excluding such jurisdiction's conflict-of-law
provisions. Any litigation relating to this License shall be subject
to the jurisdiction of the courts located in the jurisdiction and
venue specified in a notice contained within the Original Software,
with the losing party responsible for costs, including, without
limitation, court costs and reasonable attorneys' fees and expenses.
The application of the United Nations Convention on Contracts for
the International Sale of Goods is expressly excluded. Any law or
regulation which provides that the language of a contract shall be
construed against the drafter shall not apply to this License. You
agree that You alone are responsible for compliance with the United
States export administration regulations (and the export control
laws and regulation of any other countries) when You use, distribute
or otherwise make available any Covered Software.
10. RESPONSIBILITY FOR CLAIMS.
As between Initial Developer and the Contributors, each party is
responsible for claims and damages arising, directly or indirectly,
out of its utilization of rights under this License and You agree to
work with Initial Developer and Contributors to distribute such
responsibility on an equitable basis. Nothing herein is intended or
shall be deemed to constitute any admission of liability.
------------------------------------------------------------------------
NOTICE PURSUANT TO SECTION 9 OF THE COMMON DEVELOPMENT AND DISTRIBUTION
LICENSE (CDDL)
The code released under the CDDL shall be governed by the laws of the
State of California (excluding conflict-of-law provisions). Any
litigation relating to this License shall be subject to the jurisdiction
of the Federal Courts of the Northern District of California and the
state courts of the State of California, with venue lying in Santa Clara
County, California.
The GNU General Public License (GPL) Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
51 Franklin Street, Fifth Floor
Boston, MA 02110-1335
USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your freedom to
share and change it. By contrast, the GNU General Public License is
intended to guarantee your freedom to share and change free software--to
make sure the software is free for all its users. This General Public
License applies to most of the Free Software Foundation's software and
to any other program whose authors commit to using it. (Some other Free
Software Foundation software is covered by the GNU Library General
Public License instead.) You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price.
Our General Public Licenses are designed to make sure that you have the
freedom to distribute copies of free software (and charge for this
service if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid anyone
to deny you these rights or to ask you to surrender the rights. These
restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether gratis
or for a fee, you must give the recipients all the rights that you have.
You must make sure that they, too, receive or can get the source code.
And you must show them these terms so they know their rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software patents.
We wish to avoid the danger that redistributors of a free program will
individually obtain patent licenses, in effect making the program
proprietary. To prevent this, we have made it clear that any patent must
be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains a
notice placed by the copyright holder saying it may be distributed under
the terms of this General Public License. The "Program", below, refers
to any such program or work, and a "work based on the Program" means
either the Program or any derivative work under copyright law: that is
to say, a work containing the Program or a portion of it, either
verbatim or with modifications and/or translated into another language.
(Hereinafter, translation is included without limitation in the term
"modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of running
the Program is not restricted, and the output from the Program is
covered only if its contents constitute a work based on the Program
(independent of having been made by running the Program). Whether that
is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's source
code as you receive it, in any medium, provided that you conspicuously
and appropriately publish on each copy an appropriate copyright notice
and disclaimer of warranty; keep intact all the notices that refer to
this License and to the absence of any warranty; and give any other
recipients of the Program a copy of this License along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion of
it, thus forming a work based on the Program, and copy and distribute
such modifications or work under the terms of Section 1 above, provided
that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any part
thereof, to be licensed as a whole at no charge to all third parties
under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a notice
that there is no warranty (or else, saying that you provide a
warranty) and that users may redistribute the program under these
conditions, and telling the user how to view a copy of this License.
(Exception: if the Program itself is interactive but does not
normally print such an announcement, your work based on the Program
is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program, and
can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based on
the Program, the distribution of the whole must be on the terms of this
License, whose permissions for other licensees extend to the entire
whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of a
storage or distribution medium does not bring the other work under the
scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections 1
and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your cost
of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer to
distribute corresponding source code. (This alternative is allowed
only for noncommercial distribution and only if you received the
program in object code or executable form with such an offer, in
accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source code
means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to control
compilation and installation of the executable. However, as a special
exception, the source code distributed need not include anything that is
normally distributed (in either source or binary form) with the major
components (compiler, kernel, and so on) of the operating system on
which the executable runs, unless that component itself accompanies the
executable.
If distribution of executable or object code is made by offering access
to copy from a designated place, then offering equivalent access to copy
the source code from the same place counts as distribution of the source
code, even though third parties are not compelled to copy the source
along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt otherwise
to copy, modify, sublicense or distribute the Program is void, and will
automatically terminate your rights under this License. However, parties
who have received copies, or rights, from you under this License will
not have their licenses terminated so long as such parties remain in
full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and all
its terms and conditions for copying, distributing or modifying the
Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further restrictions
on the recipients' exercise of the rights granted herein. You are not
responsible for enforcing compliance by third parties to this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot distribute
so as to satisfy simultaneously your obligations under this License and
any other pertinent obligations, then as a consequence you may not
distribute the Program at all. For example, if a patent license would
not permit royalty-free redistribution of the Program by all those who
receive copies directly or indirectly through you, then the only way you
could satisfy both it and this License would be to refrain entirely from
distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is implemented
by public license practices. Many people have made generous
contributions to the wide range of software distributed through that
system in reliance on consistent application of that system; it is up to
the author/donor to decide if he or she is willing to distribute
software through any other system and a licensee cannot impose that choice.
This section is intended to make thoroughly clear what is believed to be
a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License may
add an explicit geographical distribution limitation excluding those
countries, so that distribution is permitted only in or among countries
not thus excluded. In such case, this License incorporates the
limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new
versions of the General Public License from time to time. Such new
versions will be similar in spirit to the present version, but may
differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and
conditions either of that version or of any later version published by
the Free Software Foundation. If the Program does not specify a version
number of this License, you may choose any version ever published by the
Free Software Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the
author to ask for permission. For software which is copyrighted by the
Free Software Foundation, write to the Free Software Foundation; we
sometimes make exceptions for this. Our decision will be guided by the
two goals of preserving the free status of all derivatives of our free
software and of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND,
EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE
ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH
YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL
NECESSARY SERVICING, REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR
DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL
DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM
(INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED
INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF
THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR
OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest to
attach them to the start of each source file to most effectively convey
the exclusion of warranty; and each file should have at least the
"copyright" line and a pointer to where the full notice is found.
One line to give the program's name and a brief idea of what it does.
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type
`show w'. This is free software, and you are welcome to redistribute
it under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the
appropriate parts of the General Public License. Of course, the commands
you use may be called something other than `show w' and `show c'; they
could even be mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the
program `Gnomovision' (which makes passes at compilers) written by
James Hacker.
signature of Ty Coon, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications
with the library. If this is what you want to do, use the GNU Library
General Public License instead of this License.
#
Certain source files distributed by Oracle America, Inc. and/or its
affiliates are subject to the following clarification and special
exception to the GPLv2, based on the GNU Project exception for its
Classpath libraries, known as the GNU Classpath Exception, but only
where Oracle has expressly included in the particular source file's
header the words "Oracle designates this particular file as subject to
the "Classpath" exception as provided by Oracle in the LICENSE file
that accompanied this code."
You should also note that Oracle includes multiple, independent
programs in this software package. Some of those programs are provided
under licenses deemed incompatible with the GPLv2 by the Free Software
Foundation and others. For example, the package includes programs
licensed under the Apache License, Version 2.0. Such programs are
licensed to you under their original licenses.
Oracle facilitates your further distribution of this package by adding
the Classpath Exception to the necessary parts of its GPLv2 code, which
permits you to use that code in combination with other independent
modules not licensed under the GPLv2. However, note that this would
not permit you to commingle code under an incompatible license with
Oracle's GPLv2 licensed code by, for example, cutting and pasting such
code into a file also containing Oracle's GPLv2 licensed code and then
distributing the result. Additionally, if you were to remove the
Classpath Exception from any of the files to which it applies and
distribute the result, you would likely be required to license some or
all of the other code in that distribution under the GPLv2 as well, and
since the GPLv2 is incompatible with the license terms of some items
included in the distribution by Oracle, removing the Classpath
Exception could therefore effectively compromise your ability to
further distribute the package.
Proceed with caution and we recommend that you obtain the advice of a
lawyer skilled in open source matters before removing the Classpath
Exception or making modifications to this package which may
subsequently be redistributed and/or involve the use of third party
software.
CLASSPATH EXCEPTION
Linking this library statically or dynamically with other modules is
making a combined work based on this library. Thus, the terms and
conditions of the GNU General Public License version 2 cover the whole
combination.
As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent
modules, and to copy and distribute the resulting executable under
terms of your choice, provided that you also meet, for each linked
independent module, the terms and conditions of the license of that
module. An independent module is a module which is not derived from or
based on this library. If you modify this library, you may extend this
exception to your version of the library, but you are not obligated to
do so. If you do not wish to do so, delete this exception statement
from your version.

150
java/ql/test/stubs/javamail-api-1.6.2/javax/mail/Authenticator.java Normal file
View File

@@ -0,0 +1,150 @@
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 1997-2017 Oracle and/or its affiliates. All rights reserved.
*
* The contents of this file are subject to the terms of either the GNU
* General Public License Version 2 only ("GPL") or the Common Development
* and Distribution License("CDDL") (collectively, the "License"). You
* may not use this file except in compliance with the License. You can
* obtain a copy of the License at
* https://oss.oracle.com/licenses/CDDL+GPL-1.1
* or LICENSE.txt. See the License for the specific
* language governing permissions and limitations under the License.
*
* When distributing the software, include this License Header Notice in each
* file and include the License file at LICENSE.txt.
*
* GPL Classpath Exception:
* Oracle designates this particular file as subject to the "Classpath"
* exception as provided by Oracle in the GPL Version 2 section of the License
* file that accompanied this code.
*
* Modifications:
* If applicable, add the following below the License Header, with the fields
* enclosed by brackets [] replaced by your own identifying information:
* "Portions Copyright [year] [name of copyright owner]"
*
* Contributor(s):
* If you wish your version of this file to be governed by only the CDDL or
* only the GPL Version 2, indicate your decision by adding "[Contributor]
* elects to include this software in this distribution under the [CDDL or GPL
* Version 2] license." If you don't indicate a single choice of license, a
* recipient has the option to distribute your version of this file under
* either the CDDL, the GPL Version 2 or to extend the choice of license to
* its licensees as provided above. However, if you add GPL Version 2 code
* and therefore, elected the GPL Version 2 license, then the option applies
* only if the new code is made subject to such option by the copyright
* holder.
*/
package javax.mail;
import java.net.InetAddress;
/**
* The class Authenticator represents an object that knows how to obtain
* authentication for a network connection. Usually, it will do this by
* prompting the user for information.
* <p>
* Applications use this class by creating a subclass, and registering an
* instance of that subclass with the session when it is created. When
* authentication is required, the system will invoke a method on the subclass
* (like getPasswordAuthentication). The subclass's method can query about the
* authentication being requested with a number of inherited methods
* (getRequestingXXX()), and form an appropriate message for the user.
* <p>
* All methods that request authentication have a default implementation that
* fails.
*
* @see java.net.Authenticator
* @see javax.mail.Session#getInstance(java.util.Properties,
* javax.mail.Authenticator)
* @see javax.mail.Session#getDefaultInstance(java.util.Properties,
* javax.mail.Authenticator)
* @see javax.mail.Session#requestPasswordAuthentication
* @see javax.mail.PasswordAuthentication
*
* @author Bill Foote
* @author Bill Shannon
*/
// There are no abstract methods, but to be useful the user must
// subclass.
public abstract class Authenticator {
/**
* Ask the authenticator for a password.
* <p>
*
* @param addr The InetAddress of the site requesting authorization, or null
* if not known.
* @param port the port for the requested connection
* @param protocol The protocol that's requesting the connection (@see
* java.net.Authenticator.getProtocol())
* @param prompt A prompt string for the user
*
* @return The username/password, or null if one can't be gotten.
*/
final synchronized PasswordAuthentication requestPasswordAuthentication(InetAddress addr, int port, String protocol,
String prompt, String defaultUserName) {
return null;
}
/**
* @return the InetAddress of the site requesting authorization, or null if it's
* not available.
*/
protected final InetAddress getRequestingSite() {
return null;
}
/**
* @return the port for the requested connection
*/
protected final int getRequestingPort() {
return -1;
}
/**
* Give the protocol that's requesting the connection. Often this will be based
* on a URLName.
*
* @return the protcol
*
* @see javax.mail.URLName#getProtocol
*/
protected final String getRequestingProtocol() {
return null;
}
/**
* @return the prompt string given by the requestor
*/
protected final String getRequestingPrompt() {
return null;
}
/**
* @return the default user name given by the requestor
*/
protected final String getDefaultUserName() {
return null;
}
/**
* Called when password authentication is needed. Subclasses should override the
* default implementation, which returns null.
* <p>
*
* Note that if this method uses a dialog to prompt the user for this
* information, the dialog needs to block until the user supplies the
* information. This method can not simply return after showing the dialog.
*
* @return The PasswordAuthentication collected from the user, or null if none
* is provided.
*/
protected PasswordAuthentication getPasswordAuthentication() {
return null;
}
}

77
java/ql/test/stubs/javamail-api-1.6.2/javax/mail/PasswordAuthentication.java Normal file
View File

@@ -0,0 +1,77 @@
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 1997-2017 Oracle and/or its affiliates. All rights reserved.
*
* The contents of this file are subject to the terms of either the GNU
* General Public License Version 2 only ("GPL") or the Common Development
* and Distribution License("CDDL") (collectively, the "License"). You
* may not use this file except in compliance with the License. You can
* obtain a copy of the License at
* https://oss.oracle.com/licenses/CDDL+GPL-1.1
* or LICENSE.txt. See the License for the specific
* language governing permissions and limitations under the License.
*
* When distributing the software, include this License Header Notice in each
* file and include the License file at LICENSE.txt.
*
* GPL Classpath Exception:
* Oracle designates this particular file as subject to the "Classpath"
* exception as provided by Oracle in the GPL Version 2 section of the License
* file that accompanied this code.
*
* Modifications:
* If applicable, add the following below the License Header, with the fields
* enclosed by brackets [] replaced by your own identifying information:
* "Portions Copyright [year] [name of copyright owner]"
*
* Contributor(s):
* If you wish your version of this file to be governed by only the CDDL or
* only the GPL Version 2, indicate your decision by adding "[Contributor]
* elects to include this software in this distribution under the [CDDL or GPL
* Version 2] license." If you don't indicate a single choice of license, a
* recipient has the option to distribute your version of this file under
* either the CDDL, the GPL Version 2 or to extend the choice of license to
* its licensees as provided above. However, if you add GPL Version 2 code
* and therefore, elected the GPL Version 2 license, then the option applies
* only if the new code is made subject to such option by the copyright
* holder.
*/
package javax.mail;
/**
* The class PasswordAuthentication is a data holder that is used by
* Authenticator. It is simply a repository for a user name and a password.
*
* @see java.net.PasswordAuthentication
* @see javax.mail.Authenticator
* @see javax.mail.Authenticator#getPasswordAuthentication()
*
* @author Bill Foote
*/
public final class PasswordAuthentication {
/**
* Initialize a new PasswordAuthentication
*
* @param userName the user name
* @param password The user's password
*/
public PasswordAuthentication(String userName, String password) {
}
/**
* @return the user name
*/
public String getUserName() {
return null;
}
/**
* @return the password
*/
public String getPassword() {
return null;
}
}

325
java/ql/test/stubs/javamail-api-1.6.2/javax/mail/Session.java Normal file
View File

@@ -0,0 +1,325 @@
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 1997-2018 Oracle and/or its affiliates. All rights reserved.
*
* The contents of this file are subject to the terms of either the GNU
* General Public License Version 2 only ("GPL") or the Common Development
* and Distribution License("CDDL") (collectively, the "License"). You
* may not use this file except in compliance with the License. You can
* obtain a copy of the License at
* https://oss.oracle.com/licenses/CDDL+GPL-1.1
* or LICENSE.txt. See the License for the specific
* language governing permissions and limitations under the License.
*
* When distributing the software, include this License Header Notice in each
* file and include the License file at LICENSE.txt.
*
* GPL Classpath Exception:
* Oracle designates this particular file as subject to the "Classpath"
* exception as provided by Oracle in the GPL Version 2 section of the License
* file that accompanied this code.
*
* Modifications:
* If applicable, add the following below the License Header, with the fields
* enclosed by brackets [] replaced by your own identifying information:
* "Portions Copyright [year] [name of copyright owner]"
*
* Contributor(s):
* If you wish your version of this file to be governed by only the CDDL or
* only the GPL Version 2, indicate your decision by adding "[Contributor]
* elects to include this software in this distribution under the [CDDL or GPL
* Version 2] license." If you don't indicate a single choice of license, a
* recipient has the option to distribute your version of this file under
* either the CDDL, the GPL Version 2 or to extend the choice of license to
* its licensees as provided above. However, if you add GPL Version 2 code
* and therefore, elected the GPL Version 2 license, then the option applies
* only if the new code is made subject to such option by the copyright
* holder.
*/
package javax.mail;
import java.lang.reflect.*;
import java.io.*;
import java.net.*;
import java.security.*;
import java.util.Collections;
import java.util.Hashtable;
import java.util.Map;
import java.util.HashMap;
import java.util.List;
import java.util.ArrayList;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.ServiceLoader;
import java.util.logging.Level;
import java.util.concurrent.Executor;
/**
* The Session class represents a mail session and is not subclassed. It
* collects together properties and defaults used by the mail API's. A single
* default session can be shared by multiple applications on the desktop.
* Unshared sessions can also be created.
* <p>
*
* The Session class provides access to the protocol providers that implement
* the <code>Store</code>, <code>Transport</code>, and related classes. The
* protocol providers are configured using the following files:
* <ul>
* <li><code>javamail.providers</code> and
* <code>javamail.default.providers</code></li>
* <li><code>javamail.address.map</code> and
* <code>javamail.default.address.map</code></li>
* </ul>
* <p>
* Each <code>javamail.</code><i>X</i> resource file is searched for using three
* methods in the following order:
* <ol>
* <li><code><i>java.home</i>/<i>conf</i>/javamail.</code><i>X</i></li>
* <li><code>META-INF/javamail.</code><i>X</i></li>
* <li><code>META-INF/javamail.default.</code><i>X</i></li>
* </ol>
* <p>
* (Where <i>java.home</i> is the value of the "java.home" System property and
* <i>conf</i> is the directory named "conf" if it exists, otherwise the
* directory named "lib"; the "conf" directory was introduced in JDK 1.9.)
* <p>
* The first method allows the user to include their own version of the resource
* file by placing it in the <i>conf</i> directory where the
* <code>java.home</code> property points. The second method allows an
* application that uses the JavaMail APIs to include their own resource files
* in their application's or jar file's <code>META-INF</code> directory. The
* <code>javamail.default.</code><i>X</i> default files are part of the JavaMail
* <code>mail.jar</code> file and should not be supplied by users.
* <p>
*
* File location depends upon how the <code>ClassLoader</code> method
* <code>getResource</code> is implemented. Usually, the
* <code>getResource</code> method searches through CLASSPATH until it finds the
* requested file and then stops.
* <p>
*
* The ordering of entries in the resource files matters. If multiple entries
* exist, the first entries take precedence over the later entries. For example,
* the first IMAP provider found will be set as the default IMAP implementation
* until explicitly changed by the application. The user- or system-supplied
* resource files augment, they do not override, the default files included with
* the JavaMail APIs. This means that all entries in all files loaded will be
* available.
* <p>
*
* <b><code>javamail.providers</code></b> and
* <b><code>javamail.default.providers</code></b>
* <p>
*
* These resource files specify the stores and transports that are available on
* the system, allowing an application to "discover" what store and transport
* implementations are available. The protocol implementations are listed one
* per line. The file format defines four attributes that describe a protocol
* implementation. Each attribute is an "="-separated name-value pair with the
* name in lowercase. Each name-value pair is semi-colon (";") separated. The
* following names are defined.
*
* <table border=1>
* <caption> Attribute Names in Providers Files </caption>
* <tr>
* <th>Name</th>
* <th>Description</th>
* </tr>
* <tr>
* <td>protocol</td>
* <td>Name assigned to protocol. For example, <code>smtp</code> for
* Transport.</td>
* </tr>
* <tr>
* <td>type</td>
* <td>Valid entries are <code>store</code> and <code>transport</code>.</td>
* </tr>
* <tr>
* <td>class</td>
* <td>Class name that implements this protocol.</td>
* </tr>
* <tr>
* <td>vendor</td>
* <td>Optional string identifying the vendor.</td>
* </tr>
* <tr>
* <td>version</td>
* <td>Optional string identifying the version.</td>
* </tr>
* </table>
* <p>
*
* Here's an example of <code>META-INF/javamail.default.providers</code> file
* contents:
*
* <pre>
* protocol=imap; type=store; class=com.sun.mail.imap.IMAPStore; vendor=Oracle;
* protocol=smtp; type=transport; class=com.sun.mail.smtp.SMTPTransport; vendor=Oracle;
* </pre>
* <p>
*
* The current implementation also supports configuring providers using the Java
* SE {@link java.util.ServiceLoader ServiceLoader} mechanism. When creating
* your own provider, create a {@link Provider} subclass, for example:
*
* <pre>
* package com.example;
*
* import javax.mail.Provider;
*
* public class MyProvider extends Provider {
* public MyProvider() {
* super(Provider.Type.STORE, "myprot", MyStore.class.getName(), "Example", null);
* }
* }
* </pre>
*
* Then include a file named <code>META-INF/services/javax.mail.Provider</code>
* in your jar file that lists the name of your Provider class:
*
* <pre>
* com.example.MyProvider
* </pre>
* <p>
*
* <b><code>javamail.address.map</code></b> and
* <b><code>javamail.default.address.map</code></b>
* <p>
*
* These resource files map transport address types to the transport protocol.
* The <code>getType</code> method of <code>javax.mail.Address</code> returns
* the address type. The <code>javamail.address.map</code> file maps the
* transport type to the protocol. The file format is a series of name-value
* pairs. Each key name should correspond to an address type that is currently
* installed on the system; there should also be an entry for each
* <code>javax.mail.Address</code> implementation that is present if it is to be
* used. For example, the <code>javax.mail.internet.InternetAddress</code>
* method <code>getType</code> returns "rfc822". Each referenced protocol should
* be installed on the system. For the case of <code>news</code>, below, the
* client should install a Transport provider supporting the nntp protocol.
* <p>
*
* Here are the typical contents of a <code>javamail.address.map</code> file:
*
* <pre>
* rfc822=smtp
* news=nntp
* </pre>
*
* @author John Mani
* @author Bill Shannon
* @author Max Spivak
*/
public final class Session {
/**
* Get a new Session object.
*
* @param props Properties object that hold relevant properties.<br>
* It is expected that the client supplies values for the
* properties listed in Appendix A of the JavaMail spec
* (particularly mail.store.protocol,
* mail.transport.protocol, mail.host, mail.user, and
* mail.from) as the defaults are unlikely to work in all
* cases.
* @param authenticator Authenticator object used to call back to the
* application when a user name and password is needed.
* @return a new Session object
* @see javax.mail.Authenticator
*/
public static Session getInstance(Properties props, Authenticator authenticator) {
return null;
}
/**
* Get a new Session object.
*
* @param props Properties object that hold relevant properties.<br>
* It is expected that the client supplies values for the
* properties listed in Appendix A of the JavaMail spec
* (particularly mail.store.protocol, mail.transport.protocol,
* mail.host, mail.user, and mail.from) as the defaults are
* unlikely to work in all cases.
* @return a new Session object
* @since JavaMail 1.2
*/
public static Session getInstance(Properties props) {
return null;
}
/**
* Get the default Session object. If a default has not yet been setup, a new
* Session object is created and installed as the default.
* <p>
*
* Since the default session is potentially available to all code executing in
* the same Java virtual machine, and the session can contain security sensitive
* information such as user names and passwords, access to the default session
* is restricted. The Authenticator object, which must be created by the caller,
* is used indirectly to check access permission. The Authenticator object
* passed in when the session is created is compared with the Authenticator
* object passed in to subsequent requests to get the default session. If both
* objects are the same, or are from the same ClassLoader, the request is
* allowed. Otherwise, it is denied.
* <p>
*
* Note that if the Authenticator object used to create the session is null,
* anyone can get the default session by passing in null.
* <p>
*
* Note also that the Properties object is used only the first time this method
* is called, when a new Session object is created. Subsequent calls return the
* Session object that was created by the first call, and ignore the passed
* Properties object. Use the <code>getInstance</code> method to get a new
* Session object every time the method is called.
* <p>
*
* Additional security Permission objects may be used to control access to the
* default session.
* <p>
*
* In the current implementation, if a SecurityManager is set, the caller must
* have the <code>RuntimePermission("setFactory")</code> permission.
*
* @param props Properties object. Used only if a new Session object is
* created.<br>
* It is expected that the client supplies values for the
* properties listed in Appendix A of the JavaMail spec
* (particularly mail.store.protocol,
* mail.transport.protocol, mail.host, mail.user, and
* mail.from) as the defaults are unlikely to work in all
* cases.
* @param authenticator Authenticator object. Used only if a new Session object
* is created. Otherwise, it must match the Authenticator
* used to create the Session.
* @return the default Session object
*/
public static synchronized Session getDefaultInstance(Properties props, Authenticator authenticator) {
return null;
}
/**
* Get the default Session object. If a default has not yet been setup, a new
* Session object is created and installed as the default.
* <p>
*
* Note that a default session created with no Authenticator is available to all
* code executing in the same Java virtual machine, and the session can contain
* security sensitive information such as user names and passwords.
*
* @param props Properties object. Used only if a new Session object is
* created.<br>
* It is expected that the client supplies values for the
* properties listed in Appendix A of the JavaMail spec
* (particularly mail.store.protocol, mail.transport.protocol,
* mail.host, mail.user, and mail.from) as the defaults are
* unlikely to work in all cases.
* @return the default Session object
* @since JavaMail 1.2
*/
public static Session getDefaultInstance(Properties props) {
return null;
}
}