Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: mailservice should send non signed emails, if keystore isn't defied; #4455

Merged
merged 5 commits into from
Apr 4, 2023
Merged

fix: mailservice should send non signed emails, if keystore isn't defied; #4455

merged 5 commits into from
Apr 4, 2023

Conversation

smansoft
Copy link
Contributor

@smansoft smansoft commented Apr 4, 2023
edited
Loading

Description

New version of json for configuring of smtp (i.e. all properties contain symbol '_'):

{
    "connectProtectionList":
        [
            "NONE",
            "START_TLS",
            "SSL_TLS"
        ],

    "trust_host": true,
    "connect_protection": "SslTls",
    "host": "smtp.gmail.com",
    "port": 465,
    "smtp_authentication_account_username": "sman2dev@gmail.com",
    "from_name": "Sergey Man",
    "from_email_address": "sman2dev@gmail.com",
    "requires_authentication": true,
    "smtp_authentication_account_password":"xxxxxxxxxxxxxxxx",
    "key_store":"/etc/certs/smtp-keys.p12",
    "key_store_password":"xxxxxxxxxxxxxxxx",
    "key_store_alias":"smtp_sig_ec256",
    "signing_algorithm":"SHA256withECDSA"
}

.
Configuring of smtp:

/opt/jans/jans-cli/config-cli.py --operation-id put-config-smtp --data ./smtp.json

.
Possible/supported case of configuring:

{
    "connectProtectionList":
        [
            "NONE",
            "START_TLS",
            "SSL_TLS"
        ],

    "trust_host": true,
    "connect_protection": "SslTls",
    "host": "smtp.gmail.com",
    "port": 465,
    "smtp_authentication_account_username": "sman2dev@gmail.com",
    "from_name": "Sergey Man",
    "from_email_address": "sman2dev@gmail.com",
    "requires_authentication": true,
    "smtp_authentication_account_password":"xxxxxxxxxxxxxxxx"
}

, i.e. this configuration json doesn't contain:

    "key_store": ...,
    "key_store_password": ...,
    "key_store_alias": ...,
    "signing_algorithm": ...

.
Sending of emails:

{
    "sign": true,
    "subject": "SMTP Configuration verification",
    "message": "Mail to test SMTP configuration"
}

or

{
    "sign": false,
    "subject": "SMTP Configuration verification",
    "message": "Mail to test SMTP configuration"
}

and:

/opt/jans/jans-cli/cli/config_cli.py --operation-id test-config-smtp --data ./smtp_test.json

.
If properties:

    "key_store": ...,
    "key_store_password": ...,
    "key_store_alias": ...,
    "signing_algorithm": ...

are not defined or some exception happened during reading of keystore (key, certificate),
MailService will try to send non-sigtned email, even, if "sign": true.

Issue: #4443.

@smansoft
fix: mailservice should send non signed emails, if keystore isn't def…
9ec4656 
…ined;

refactor: smtpconfiguration contains only '_' symbols in json properties;
@sonarcloud
Copy link

sonarcloud bot commented Apr 4, 2023

[jans-linux-setup] Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@sonarcloud
Copy link

sonarcloud bot commented Apr 4, 2023

[Jans authentication server parent] Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@sonarcloud
Copy link

sonarcloud bot commented Apr 4, 2023

[jans-config-api-parent] Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

0.0% 0.0% Coverage
0.0% 0.0% Duplication

@mo-auto mo-auto added comp-jans-config-api Component affected by issue or PR comp-jans-core Component affected by issue or PR comp-jans-linux-setup Component affected by issue or PR comp-jans-scim Component affected by issue or PR kind-bug Issue or PR is a bug in existing functionality labels Apr 4, 2023
@yurem yurem merged commit 7b41c44 into main Apr 4, 2023
@yurem yurem deleted the mailservice_if_keystore_isnot_defined_4443 branch April 4, 2023 20:33
@mo-auto3 mo-auto3 mentioned this pull request Apr 5, 2023
Merged
This was referenced Apr 5, 2023
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yuriyz yuriyz yuriyz approved these changes

@jgomer2001 jgomer2001 jgomer2001 approved these changes

@yurem yurem yurem approved these changes

@devrimyatar devrimyatar Awaiting requested review from devrimyatar devrimyatar is a code owner

@pujavs pujavs Awaiting requested review from pujavs pujavs is a code owner

Assignees
No one assigned
Labels
comp-jans-config-api Component affected by issue or PR comp-jans-core Component affected by issue or PR comp-jans-linux-setup Component affected by issue or PR comp-jans-scim Component affected by issue or PR kind-bug Issue or PR is a bug in existing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@smansoft @yuriyz @jgomer2001 @yurem @mo-auto