Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Enable S/MIME signing of e-mails
Use existing PHPMailer functionality to allow MantisBT to sign outgoing
e-mail notifications.

Fixes #25764

Signed-off-by: Damien Regad <dregad@mantisbt.org>

TomekAP's original contribution was modified as follows:
- Fix inconsistent naming of 'g_email_signing_sign_extracerts_file' in
  config_defaults_inc.php, referenced everywhere else as
  'g_email_signing_extracerts_file'
- Rename configs with prefix 'smime' instead of 'signing', to avoid any
  confusion with DKIM which is also about signing
- Use suffix '_file' instead of '_filename'
- Fix whitespace
  • Loading branch information
tsz authored and dregad committed Jan 8, 2021
1 parent 92b63df commit 1bf2f04
Show file tree
Hide file tree
Showing 2 changed files with 40 additions and 1 deletion.
34 changes: 33 additions & 1 deletion config_defaults_inc.php
Expand Up @@ -756,6 +756,36 @@
*/
$g_email_dkim_identity = 'noreply@example.com';

/**
* Path to mail certification file
*
* @global string $g_email_smime_cert_file
*/
$g_email_smime_cert_file = '';

/**
* Path to mail private key file
*
* @see $g_email_smime_cert_file
*
* @global string $g_email_smime_key_file
*/
$g_email_smime_key_file = '';

/**
* mail private key pass
*
* @global string $g_email_smime_key_password
*/
$g_email_smime_key_password = '';

/**
* Path to mail extra certification file
*
* @global string $g_email_smime_extracerts_file
*/
$g_email_smime_extracerts_file = '';

/**
* It is recommended to use a cronjob or a scheduler task to send emails. The
* cronjob should typically run every 5 minutes. If no cronjob is used,then
Expand Down Expand Up @@ -4326,7 +4356,9 @@
'impersonate_user_threshold', 'email_retry_in_days', 'neato_tool', 'dot_tool',
'ldap_server', 'ldap_root_dn', 'ldap_organization', 'ldap_protocol_version',
'ldap_network_timeout', 'ldap_follow_referrals', 'ldap_bind_dn', 'ldap_bind_passwd',
'ldap_uid_field', 'ldap_realname_field', 'use_ldap_realname', 'use_ldap_email'
'ldap_uid_field', 'ldap_realname_field', 'use_ldap_realname', 'use_ldap_email',
'email_smime_cert_file', 'email_smime_key_file', 'email_smime_key_password',
'email_smime_extracerts_file',
);

/**
Expand Down
7 changes: 7 additions & 0 deletions core/email_api.php
Expand Up @@ -1332,6 +1332,13 @@ function email_send( EmailData $p_email_data ) {

$t_mail->Port = config_get( 'smtp_port' );

$t_mail->sign(
config_get_global( 'email_smime_cert_file' ),
config_get_global( 'email_smime_key_file' ),
config_get_global( 'email_smime_key_password' ),
config_get_global( 'email_smime_extracerts_file' )
);

break;
}

Expand Down

0 comments on commit 1bf2f04

Please sign in to comment.