notifications: Deprecate redundant encryptions settings

'tls' and 'ssl' are duplicates of 'starttls' and 'ssltls' and have been deprecated
in the upstream modules we use for sending mail notifications. Let's deprecate them
as well and issue a warning when they are still used.

Fixes: owncloud#7345

changelog/unreleased/enhancement-notifications-auto-auth-settings.md

@@ -0,0 +1,7 @@
+Enhancement: We introduced the new value `auto` for NOTIFICATIONS_SMTP_AUTHENTICATION
+
+This cause the notifications service to automatically pick a suitable authentication
+method to use with the configured SMTP server. This is also the new default behavior.
+The previous default was to not use authentication at all.
+
+https://github.com/owncloud/ocis/issues/7356

changelog/unreleased/fix-notifications-redundant-settings.md

@@ -0,0 +1,8 @@
+Bugfix: Deprecate redundant encryptions settings for notification service
+
+The values `tls` and `ssl` for the `smtp_encryption` configuration setting are
+duplicates of `starttls` and `ssltls`. They have been marked as deprecated.
+A warning will be logged when they are still used. Please use `starttls` instead
+for `tls` and `ssltls` instead of `ssl.
+
+https://github.com/owncloud/ocis/issues/7345

services/notifications/pkg/config/config.go

@@ -44,7 +44,7 @@ type SMTP struct {
 	Password       string `yaml:"smtp_password" env:"NOTIFICATIONS_SMTP_PASSWORD" desc:"Password for the SMTP host to connect to."`
 	Insecure       bool   `yaml:"insecure" env:"NOTIFICATIONS_SMTP_INSECURE" desc:"Allow insecure connections to the SMTP server."`
 	Authentication string `yaml:"smtp_authentication" env:"NOTIFICATIONS_SMTP_AUTHENTICATION" desc:"Authentication method for the SMTP communication. Possible values are 'login', 'plain', 'crammd5', 'none'"`
-	Encryption     string `yaml:"smtp_encryption" env:"NOTIFICATIONS_SMTP_ENCRYPTION" desc:"Encryption method for the SMTP communication. Possible values  are 'starttls', 'ssl', 'ssltls', 'tls'  and 'none'."`
+	Encryption     string `yaml:"smtp_encryption" env:"NOTIFICATIONS_SMTP_ENCRYPTION" desc:"Encryption method for the SMTP communication. Possible values  are 'starttls', 'ssl', 'ssltls', 'tls'  and 'none'." deprecationVersion:"5.0.0" removalVersion:"6.0.0" deprecationInfo:"The NOTIFICATIONS_SMTP_ENCRYPTION values 'ssl' and 'tls' are deprecated and will be removed in the future." deprecationReplacement:"Use 'starttls' instead of 'tls' and 'ssltls' instead of 'ssl'."`
 }
 
 // Events combines the configuration options for the event bus.

services/notifications/pkg/config/parser/parse.go

@@ -2,10 +2,12 @@ package parser
 
 import (
 	"errors"
+	"fmt"
 
 	ociscfg "github.com/owncloud/ocis/v2/ocis-pkg/config"
 	"github.com/owncloud/ocis/v2/services/notifications/pkg/config"
 	"github.com/owncloud/ocis/v2/services/notifications/pkg/config/defaults"
+	"github.com/owncloud/ocis/v2/services/notifications/pkg/logging"
 
 	"github.com/owncloud/ocis/v2/ocis-pkg/config/envdecode"
 )
@@ -33,5 +35,22 @@ func ParseConfig(cfg *config.Config) error {
 }
 
 func Validate(cfg *config.Config) error {
+	logger := logging.Configure(cfg.Service.Name, cfg.Log)
+
+	if cfg.Notifications.SMTP.Host != "" {
+		switch cfg.Notifications.SMTP.Encryption {
+		case "tls":
+			logger.Warn().Msg("The smtp_encryption value 'tls' is deprecated. Please use the value 'starttls' instead.")
+		case "ssl":
+			logger.Warn().Msg("The smtp_encryption value 'ssl' is deprecated. Please use the value 'ssltls' instead.")
+		case "starttls", "ssltls":
+			break
+		default:
+			return fmt.Errorf(
+				"unknown value '%s' for 'smtp_encryption' in service %s. Allowed values are 'starttls', 'ssltls', 'tls' (deprecated) or 'ssl' (deprecated)",
+				cfg.Notifications.SMTP.Encryption, cfg.Service.Name,
+			)
+		}
+	}
 	return nil
 }