Explicitly decide whether to use TLS in mailer's configuration (#5024)
* explicitly decide on using TLS for mail connections * explicitly decide on using TLS for mail connections * keep compatibilityrelease/v1.15
parent
ce9a5173fe
commit
3a1ed82529
|
@ -388,6 +388,8 @@ SKIP_VERIFY =
|
||||||
USE_CERTIFICATE = false
|
USE_CERTIFICATE = false
|
||||||
CERT_FILE = custom/mailer/cert.pem
|
CERT_FILE = custom/mailer/cert.pem
|
||||||
KEY_FILE = custom/mailer/key.pem
|
KEY_FILE = custom/mailer/key.pem
|
||||||
|
; Should SMTP connection use TLS
|
||||||
|
IS_TLS_ENABLED = false
|
||||||
; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
|
; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format
|
||||||
FROM =
|
FROM =
|
||||||
; Mailer user name and password
|
; Mailer user name and password
|
||||||
|
|
|
@ -62,7 +62,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
|
||||||
HTTP protocol.
|
HTTP protocol.
|
||||||
- `USE_COMPAT_SSH_URI`: **false**: Force ssh:// clone url instead of scp-style uri when
|
- `USE_COMPAT_SSH_URI`: **false**: Force ssh:// clone url instead of scp-style uri when
|
||||||
default SSH port is used.
|
default SSH port is used.
|
||||||
|
|
||||||
### Repository - Pull Request (`repository.pull-request`)
|
### Repository - Pull Request (`repository.pull-request`)
|
||||||
- `WORK_IN_PROGRESS_PREFIXES`: **WIP:,\[WIP\]**: List of prefixes used in Pull Request
|
- `WORK_IN_PROGRESS_PREFIXES`: **WIP:,\[WIP\]**: List of prefixes used in Pull Request
|
||||||
title to mark them as Work In Progress
|
title to mark them as Work In Progress
|
||||||
|
@ -222,6 +222,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
|
||||||
`FROM` and `SENDMAIL_PATH`.
|
`FROM` and `SENDMAIL_PATH`.
|
||||||
- `SENDMAIL_PATH`: **sendmail**: The location of sendmail on the operating system (can be
|
- `SENDMAIL_PATH`: **sendmail**: The location of sendmail on the operating system (can be
|
||||||
command or full path).
|
command or full path).
|
||||||
|
- ``IS_TLS_ENABLED`` : **false** : Decide if SMTP connections should use TLS.
|
||||||
|
|
||||||
## Cache (`cache`)
|
## Cache (`cache`)
|
||||||
|
|
||||||
|
@ -310,8 +311,8 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
|
||||||
- `TOKEN`: **\<empty\>**: You need to specify the token, if you want to include in the authorization the metrics . The same token need to be used in prometheus parameters `bearer_token` or `bearer_token_file`.
|
- `TOKEN`: **\<empty\>**: You need to specify the token, if you want to include in the authorization the metrics . The same token need to be used in prometheus parameters `bearer_token` or `bearer_token_file`.
|
||||||
|
|
||||||
## API (`api`)
|
## API (`api`)
|
||||||
|
|
||||||
- `ENABLE_SWAGGER_ENDPOINT`: **true**: Enables /api/swagger, /api/v1/swagger etc. endpoints. True or false; default is true.
|
- `ENABLE_SWAGGER_ENDPOINT`: **true**: Enables /api/swagger, /api/v1/swagger etc. endpoints. True or false; default is true.
|
||||||
- `MAX_RESPONSE_ITEMS`: **50**: Max number of items in a page.
|
- `MAX_RESPONSE_ITEMS`: **50**: Max number of items in a page.
|
||||||
|
|
||||||
## i18n (`i18n`)
|
## i18n (`i18n`)
|
||||||
|
|
|
@ -122,11 +122,10 @@ func (s *smtpSender) Send(from string, to []string, msg io.WriterTo) error {
|
||||||
}
|
}
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
isSecureConn := false
|
isSecureConn := opts.IsTLSEnabled || (strings.HasSuffix(port, "465"))
|
||||||
// Start TLS directly if the port ends with 465 (SMTPS protocol)
|
// Start TLS directly if the port ends with 465 (SMTPS protocol)
|
||||||
if strings.HasSuffix(port, "465") {
|
if isSecureConn {
|
||||||
conn = tls.Client(conn, tlsconfig)
|
conn = tls.Client(conn, tlsconfig)
|
||||||
isSecureConn = true
|
|
||||||
}
|
}
|
||||||
|
|
||||||
client, err := smtp.NewClient(conn, host)
|
client, err := smtp.NewClient(conn, host)
|
||||||
|
|
|
@ -1523,6 +1523,7 @@ type Mailer struct {
|
||||||
SkipVerify bool
|
SkipVerify bool
|
||||||
UseCertificate bool
|
UseCertificate bool
|
||||||
CertFile, KeyFile string
|
CertFile, KeyFile string
|
||||||
|
IsTLSEnabled bool
|
||||||
|
|
||||||
// Sendmail sender
|
// Sendmail sender
|
||||||
UseSendmail bool
|
UseSendmail bool
|
||||||
|
@ -1556,6 +1557,7 @@ func newMailService() {
|
||||||
UseCertificate: sec.Key("USE_CERTIFICATE").MustBool(),
|
UseCertificate: sec.Key("USE_CERTIFICATE").MustBool(),
|
||||||
CertFile: sec.Key("CERT_FILE").String(),
|
CertFile: sec.Key("CERT_FILE").String(),
|
||||||
KeyFile: sec.Key("KEY_FILE").String(),
|
KeyFile: sec.Key("KEY_FILE").String(),
|
||||||
|
IsTLSEnabled: sec.Key("IS_TLS_ENABLED").MustBool(),
|
||||||
|
|
||||||
UseSendmail: sec.Key("USE_SENDMAIL").MustBool(),
|
UseSendmail: sec.Key("USE_SENDMAIL").MustBool(),
|
||||||
SendmailPath: sec.Key("SENDMAIL_PATH").MustString("sendmail"),
|
SendmailPath: sec.Key("SENDMAIL_PATH").MustString("sendmail"),
|
||||||
|
|
Loading…
Reference in New Issue