Fix SMTP when TLS is disabled

This commit fixes mail sending when TLS is disabled. In Ruby 3.0.5, net-smtp v0.2.1 enabled TLS by default if the server advertises STARTTLS support. However, mail v2.7.1 didn't explicitly disable TLS (mikel/mail#1434), so TLS may be used with Ruby 3 even if it is disabled. mail v2.8.1 has since fixed this issue via mikel/mail#1480. However, mail v2.8.1 has a bug in the logic for retrieving the settings (https://github.com/mikel/mail/blob/2.8.1/lib/mail/network/delivery_methods/smtp.rb#L114): ``` tls = settings[:tls] || settings[:ssl] ``` If `settings[:tls]` is `false` and `settings[:ssl]` is `nil`, then the result of `false || nil` is `nil`. This means that TLS cannot be disabled if `settings[:tls]` is set to `false`. To fix this, just add a redundant `ssl` config parameter. This came out of https://gitlab.com/gitlab-org/gitlab/-/issues/399241. Changelog: fixed
bygf · Apr 6, 2023 · ad167cb · ad167cb
1 parent f4369ec
commit ad167cb
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/charts/gitlab/templates/_smtp.tpl b/charts/gitlab/templates/_smtp.tpl
@@ -24,6 +24,7 @@ smtp_settings = {
   {{- end }}
   {{- if has .Values.global.smtp.tls (list true false) }}
   tls: {{ .Values.global.smtp.tls }},
+  ssl: {{ .Values.global.smtp.tls }},
   {{- end }}
   {{- if .Values.global.smtp.openssl_verify_mode }}
   openssl_verify_mode: {{ .Values.global.smtp.openssl_verify_mode | quote }}