rspec/rules/S5332/java/rule.adoc

include::../description.adoc[]

include::../ask-yourself.adoc[]

include::../recommended.adoc[]

== Sensitive Code Example

These clients from https://commons.apache.org/proper/commons-net/[Apache commons net] libraries are based on unencrypted protocols and are not recommended:

----
TelnetClient telnet = new TelnetClient(); // Sensitive

FTPClient ftpClient = new FTPClient(); // Sensitive

SMTPClient smtpClient = new SMTPClient(); // Sensitive
----

== Compliant Solution

Use instead these clients from https://commons.apache.org/proper/commons-net/[Apache commons net] and http://www.jcraft.com/jsch/[JSch/ssh] library:

----
JSch jsch = new JSch(); // Compliant

if(implicit) {
  // implicit mode is considered deprecated but offer the same security than explicit mode
  FTPSClient ftpsClient = new FTPSClient(true); // Compliant
}
else {
  FTPSClient ftpsClient = new FTPSClient(); // Compliant
}

if(implicit) {
  // implicit mode is considered deprecated but offer the same security than explicit mode
  SMTPSClient smtpsClient = new SMTPSClient(true); // Compliant
}
else {
  SMTPSClient smtpsClient = new SMTPSClient(); // Compliant
  smtpsClient.connect("127.0.0.1", 25);
  if (smtpsClient.execTLS()) {
    // commands
  }
}
----

include::../exceptions.adoc[]

include::../see.adoc[]
Nightly update 2021-01-21 04:09:13 +00:00			`include::../description.adoc[]`

			`include::../ask-yourself.adoc[]`

			`include::../recommended.adoc[]`

			`== Sensitive Code Example`

			`These clients from https://commons.apache.org/proper/commons-net/[Apache commons net] libraries are based on unencrypted protocols and are not recommended:`

			`----`
			`TelnetClient telnet = new TelnetClient(); // Sensitive`

			`FTPClient ftpClient = new FTPClient(); // Sensitive`

			`SMTPClient smtpClient = new SMTPClient(); // Sensitive`
			`----`

			`== Compliant Solution`

			`Use instead these clients from https://commons.apache.org/proper/commons-net/[Apache commons net] and http://www.jcraft.com/jsch/[JSch/ssh] library:`

			`----`
			`JSch jsch = new JSch(); // Compliant`

Nightly update 2021-01-22 04:06:24 +00:00			`if(implicit) {`
			`// implicit mode is considered deprecated but offer the same security than explicit mode`
			`FTPSClient ftpsClient = new FTPSClient(true); // Compliant`
			`}`
			`else {`
			`FTPSClient ftpsClient = new FTPSClient(); // Compliant`
			`}`

			`if(implicit) {`
			`// implicit mode is considered deprecated but offer the same security than explicit mode`
			`SMTPSClient smtpsClient = new SMTPSClient(true); // Compliant`
			`}`
			`else {`
			`SMTPSClient smtpsClient = new SMTPSClient(); // Compliant`
			`smtpsClient.connect("127.0.0.1", 25);`
			`if (smtpsClient.execTLS()) {`
			`// commands`
			`}`
			`}`
Nightly update 2021-01-21 04:09:13 +00:00			`----`

			`include::../exceptions.adoc[]`

			`include::../see.adoc[]`