Changes:

- Proper H2 database upgrade (2.3.232)
- Proper Mailing: TLS/SSL switches, UTF-8 encoding, no HTML escaping
- Pre-process also for app-bundles and proper variable replacements
- Pre-process variable replacement for app-name
- Cleanups
- beetRoot version set to 3.1.1

THIRDPARTYLICENSES.html

@@ -39,11 +39,11 @@
 <body>
 <h1>Third Party Licenses</h1>
 <div class="htitle">
-<span class="htitle0">autumo beetRoot 3.1.0 </span><span class="htitled"> &#x2022; </span><span class="htitle1"> A slim &amp; rapid Java web-dev framework</span><br>
+<span class="htitle0">autumo beetRoot 3.1.1 </span><span class="htitled"> &#x2022; </span><span class="htitle1"> A slim &amp; rapid Java web-dev framework</span><br>
 </div>
 <span class="header">&copy; 2024 <a class="comp" href="https://autumo.ch">autumo GmbH</a></span><br>
-<span class="header">Date: 2024-09-26</span><br>
-<span class="header">Version 3.1</span><br>	
+<span class="header">Date: 2024-10-14</span><br>
+<span class="header">Version 3.1.1</span><br>	
 <br>
 <h2 class="para">Libraries</h2>
 

cfg/beetroot.cfg

@@ -2,12 +2,12 @@
 #------------------------------------------------------------------------------
 #
 #  beetRoot configuration
-#  Version: 3.3
+#  Version: 3.4
 #
 #------------------------------------------------------------------------------
 #
 #  2024 autumo GmbH
-#  Date: 26.09.2024
+#  Date: 14.10.2024
 #
 #------------------------------------------------------------------------------
 
@@ -636,10 +636,19 @@ mail_password=
 mail_formats=html
 
 #
-# Enable TLS for mail? Values: yes|no
+# Enable TLS (STARTTLS) for mail? Values: yes|no
+#
+# Don't combine this with SSL.
 #
 mail_tls_enable=no
 
+#
+# Enable SSL for mail? Values: yes|no
+#
+# This does not use certificates from 'cfg/KeyStore.jks'.
+#
+mail_ssl_enable=no
+
 #
 # Default email sender address.
 # Used unless 'mail.from' is defined in the database properties.

cfg/beetroot_dist.cfg

@@ -2,12 +2,12 @@
 #------------------------------------------------------------------------------
 #
 #  beetRoot configuration
-#  Version: 3.3
+#  Version: 3.4
 #
 #------------------------------------------------------------------------------
 #
 #  2024 autumo GmbH
-#  Date: 26.09.2024
+#  Date: 14.10.2024
 #
 #------------------------------------------------------------------------------
 
@@ -636,10 +636,19 @@ mail_password=
 mail_formats=html
 
 #
-# Enable TLS for mail? Values: yes|no
+# Enable TLS (STARTTLS) for mail? Values: yes|no
+#
+# Don't combine this with SSL.
 #
 mail_tls_enable=no
 
+#
+# Enable SSL for mail? Values: yes|no
+#
+# This does not use certificates from 'cfg/KeyStore.jks'.
+#
+mail_ssl_enable=no
+
 #
 # Default email sender address.
 # Used unless 'mail.from' is defined in the database properties.

cfg/beetroot_test.cfg

@@ -2,12 +2,12 @@
 #------------------------------------------------------------------------------
 #
 #  beetRoot configuration
-#  Version: 3.3
+#  Version: 3.4
 #
 #------------------------------------------------------------------------------
 #
 #  2024 autumo GmbH
-#  Date: 26.09.2024
+#  Date: 14.10.2024
 #
 #------------------------------------------------------------------------------
 
@@ -636,10 +636,19 @@ mail_password=
 mail_formats=html
 
 #
-# Enable TLS for mail? Values: yes|no
+# Enable TLS (STARTTLS) for mail? Values: yes|no
+#
+# Don't combine this with SSL.
 #
 mail_tls_enable=no
 
+#
+# Enable SSL for mail? Values: yes|no
+#
+# This does not use certificates from 'cfg/KeyStore.jks'.
+#
+mail_ssl_enable=no
+
 #
 # Default email sender address.
 # Used unless 'mail.from' is defined in the database properties.

etc/pom/pom.xml

@@ -27,7 +27,7 @@
 		<version.maven.resources.plugin>3.3.1</version.maven.resources.plugin>
 		<version.maven.surefire.plugin>3.0.0-M5</version.maven.surefire.plugin>
 
-		<version.autumo.beetroot>3.1.0</version.autumo.beetroot>
+		<version.autumo.beetroot>3.1.1</version.autumo.beetroot>
 		<version.nanohttpd>BEETROOT-2.3.5</version.nanohttpd
 		>
 		<version.hikaricp>6.0.0</version.hikaricp>

make.sh

@@ -19,7 +19,7 @@
 
 
 # Vars
-VERSION=3.1.0
+VERSION=3.1.1
 
 
 

pom.xml

@@ -5,7 +5,7 @@
 	<name>autumo-beetroot</name>
 	<groupId>ch.autumo.beetroot</groupId>
 	<artifactId>autumo-beetroot</artifactId>
-	<version>3.1.0</version>
+	<version>3.1.1</version>
 	<packaging>jar</packaging>
 
 	<licenses>

src/main/java/ch/autumo/beetroot/BeetRootConfigurationManager.java

@@ -45,6 +45,7 @@
 import ch.autumo.beetroot.logging.LogBuffer.LogLevel;
 import ch.autumo.beetroot.security.SecureApplication;
 import ch.autumo.beetroot.utils.Helper;
+import ch.autumo.beetroot.utils.UtilsException;
 import ch.autumo.beetroot.utils.security.Security;
 import ch.autumo.beetroot.utils.system.OS;
 
@@ -111,7 +112,6 @@ private BeetRootConfigurationManager() {
 	 * @return manager
 	 */
 	public static synchronized BeetRootConfigurationManager getInstance() {
-
 		if (manager == null) {
 			manager = new BeetRootConfigurationManager();
 		}
@@ -283,7 +283,7 @@ public synchronized void initializeWithFullPath(String configFilePath) throws Ex
 		// load some main props separately
 		this.csrf = getYesOrNo(Constants.KEY_WS_USE_CSRF_TOKENS, Constants.YES);
 		if (this.csrf)
-    		LogBuffer.log(LogLevel.INFO, "CSRF activated!");
+    		LogBuffer.log(LogLevel.INFO, "CSRF activated.");
 
 		this.extendedRoles = getYesOrNo(Constants.KEY_WS_USE_EXT_ROLES, Constants.YES);
 		this.translateTemplates = getYesOrNo(Constants.KEY_WEB_TRANSLATIONS, Constants.NO);
@@ -490,14 +490,11 @@ public String getRootPath() {
 	 * @return string value
 	 */
 	public String getString(String key) {
-
 		String v = generalProps.getProperty(key);
 		if (v != null)
 			v = v.trim();
-
 		if (v == null)
-			LOG.warn("Value for key '"+key+"' doesn't exist in beetroot configuration!");
-
+			LOG.warn("Value for key '{}' doesn't exist in beetroot configuration!", key);
 		return v;
 	}
 
@@ -509,7 +506,6 @@ public String getString(String key) {
 	 * @return string value
 	 */
 	public String getString(String key, String defaultVal) {
-
 		String v = generalProps.getProperty(key);
 		if (v != null)
 			v = v.trim();
@@ -538,7 +534,6 @@ public String getStringNoWarn(String key) {
 	 * @return collected values
 	 */
 	public String[] getKeys(String keyPrefix) {
-
 		final List<String> collectedKeys = new ArrayList<>();
 		final Set<Object> keys = generalProps.keySet();
 		for (Iterator<Object> iterator = keys.iterator(); iterator.hasNext();) {
@@ -574,14 +569,11 @@ public String[] getValues(String keyPrefix) {
 	 * @return integer value
 	 */
 	public int getInt(String key) {
-
 		String v = generalProps.getProperty(key);
-
 		if (v == null || v.length() == 0) {
-			LOG.warn("Value for key '"+key+"' doesn't exist in beetroot configuration!");
+			LOG.warn("Value for key '{}' doesn't exist in beetroot configuration!", key);
 			return -1;
 		}
-
 		return Integer.valueOf(v);
 	}
 
@@ -624,10 +616,10 @@ public int getIntNoWarn(String key) {
 	public boolean getYesOrNo(String key, String defaultVal) {
 		String val = generalProps.getProperty(key);
 		if (val == null || val.length() == 0) {
-			return defaultVal.toLowerCase().equals(Constants.YES);
+			return defaultVal.equalsIgnoreCase(Constants.YES);
 		}
 		val = val.trim();
-		return val.toLowerCase().equals(Constants.YES);
+		return val.equalsIgnoreCase(Constants.YES);
 	}
 
 	/**
@@ -640,11 +632,11 @@ public boolean getYesOrNo(String key, String defaultVal) {
 	public boolean getYesOrNo(String key) {
 		String val = generalProps.getProperty(key);
 		if (val == null || val.length() == 0) {
-			LOG.warn("Value for yes/no key '"+key+"' doesn't exist in beetroot configuration!");
+			LOG.warn("Value for yes/no key '{}' doesn't exist in beetroot configuration!", key);
 			return false;
 		}
 		val = val.trim();
-		return val.toLowerCase().equals(Constants.YES);
+		return val.equalsIgnoreCase(Constants.YES);
 	}	
 
 	/**
@@ -659,7 +651,7 @@ public boolean getYesOrNoNoWarn(String key) {
 		if (val == null || val.length() == 0)
 			return false;
 		val = val.trim();
-		return val.toLowerCase().equals(Constants.YES);
+		return val.equalsIgnoreCase(Constants.YES);
 	}	
 
 	/**
@@ -669,14 +661,12 @@ public boolean getYesOrNoNoWarn(String key) {
 	 * @param key key
 	 * @param app secure application
 	 * @return encrypted value
-	 * @throws Exception exception
+	 * @throws UtilsException if decoding fails
 	 */
-	public String getDecodedString(String key, SecureApplication app) throws Exception {
-
+	public String getDecodedString(String key, SecureApplication app) throws UtilsException {
 		String v = generalProps.getProperty(key);
 		if (v != null)
 			v = v.trim();
-
 		return Security.decode(v, app);
 	}
 
@@ -740,10 +730,9 @@ public String[] getSepValues(String key) {
 	 * @return allowed mime types
 	 */
 	public List<String> getMimeTypes(String key) {
-
 		final String mimes = generalProps.getProperty(key);
 		if (mimes == null || mimes.trim().length() == 0) {
-			LOG.warn("There are no mime types for key '" + key + "' ! This will create errors...");
+			LOG.warn("There are no mime types for key '{}' ! This will create errors...", key);
 			return Collections.emptyList();
 		}
 		final String arr[] = mimes.trim().split(" ");
@@ -767,7 +756,6 @@ public ServletContext getServletContext() {
 	 * @return servlet name
 	 */
 	public String getServletName() {
-
 		String servletName = generalProps.getProperty("web_html_ref_pre_url_part");
 		if (servletName != null)
 			servletName = servletName.trim();
@@ -784,9 +772,8 @@ public String getServletName() {
 	 * @param xmlConfigFile only the file name, path is concluded by ROOTPATH and cfg-directory
 	 * @param moduleName module name
 	 * @return XML doc root
-	 * @throws Exception if module configuration cannot be loaded
 	 */
-	public static Document getXMLModuleConfig(String xmlConfigFile, String moduleName) throws Exception {
+	public static Document getXMLModuleConfig(String xmlConfigFile, String moduleName) {
 		return getXMLModuleConfigWithFullPath(rootPath + Constants.CONFIG_PATH + xmlConfigFile, moduleName);
 	}
 
@@ -797,9 +784,8 @@ public static Document getXMLModuleConfig(String xmlConfigFile, String moduleNam
 	 * @param xmlRelativePath relative path that is concluded with ROOTPATH
 	 * @param moduleName module name
 	 * @return XML doc root
-	 * @throws Exception if module configuration cannot be loaded
 	 */
-	public static Document getXMLModuleConfigRelative(String xmlRelativePath, String moduleName) throws Exception {
+	public static Document getXMLModuleConfigRelative(String xmlRelativePath, String moduleName) {
 		// check root path
     	if (!rootPath.endsWith(OS.FILE_SEPARATOR))
     		rootPath += OS.FILE_SEPARATOR;
@@ -815,10 +801,8 @@ public static Document getXMLModuleConfigRelative(String xmlRelativePath, String
 	 * @return XML doc root
 	 */
 	public static Document getXMLModuleConfigWithFullPath(String xmlConfigFilePath, String moduleName) {
-
 		Document doc = null;
 		final DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
-
 		try {
 			// optional, but recommended
 			// process XML securely, avoid attacks like XML External Entities (XXE)

src/main/java/ch/autumo/beetroot/BeetRootWebServer.java

@@ -823,13 +823,19 @@ else if (postParamUsername != null && postParamUsername.length() != 0) {
 							}
 							if (codeEmailOn) {
 								final Map<String, String> variables = new HashMap<>();
-								variables.put("title", LanguageManager.getInstance().translateFullEscape("base.mail.code.title", session));
-								variables.put("subtitle", LanguageManager.getInstance().translateFullEscape("base.mail.code.subtitle", session));
+								variables.put("title", LanguageManager.getInstance().translate("base.mail.code.title", session));
+								variables.put("subtitle", LanguageManager.getInstance().translate("base.mail.code.subtitle", session));
 								variables.put("code", genCode);
-								variables.put("message", LanguageManager.getInstance().translateFullEscape("base.mail.code.msg", session));
+								variables.put("message", LanguageManager.getInstance().translate("base.mail.code.msg", session));
 								try {
 									// Mail it!
-									MailerFactory.getInstance().mail(new String[] {user.getEmail()}, LanguageManager.getInstance().translateFullEscape("base.mail.code.title", session), variables, "code", session);	
+									MailerFactory.getInstance().mail(
+											new String[] {user.getEmail()},
+											LanguageManager.getInstance().translate("base.mail.code.title", session),
+											variables,
+											"code",
+											session
+										);	
 						        } catch (Exception me) {
 									final String err = "Server Internal Error - Mail Exception: " + me.getMessage();
 									LOG.error(err, me);

src/main/java/ch/autumo/beetroot/Constants.java

@@ -335,8 +335,17 @@ public class Constants {
      */
 	public static String MAIL_SMTP_TLS_ENABLE_KEY = "mail.smtp.starttls.enable";
 
+    /**
+     * Mail, enable SSL?
+     */
+	public static String MAIL_SMTP_SSL = "mail.smtp.ssl.enable";
 
+    /**
+     * Mail SSL server identity check.
+     */
+	public static String MAIL_SMTP_SSL_CHECK_SERVER_ID = "mail.smtp.ssl.checkserveridentity";
 
+
 	// DB specific
 	//------------------------------------------------------------------------------