From cd0ab378efb48d5ef2c1b0edc9bac924dd0a8889 Mon Sep 17 00:00:00 2001 From: Valentin Tolmer Date: Sat, 30 Jul 2022 15:41:10 +0200 Subject: [PATCH] server: deprecate smtp.tls_required, add smtp_encryption --- server/src/infra/cli.rs | 14 +++++++++++++- server/src/infra/configuration.rs | 14 ++++++++++---- 2 files changed, 23 insertions(+), 5 deletions(-) diff --git a/server/src/infra/cli.rs b/server/src/infra/cli.rs index 4472304..202c3b8 100644 --- a/server/src/infra/cli.rs +++ b/server/src/infra/cli.rs @@ -1,5 +1,6 @@ use clap::Parser; use lettre::message::Mailbox; +use serde::{Deserialize, Serialize}; /// lldap is a lightweight LDAP server #[derive(Debug, Parser, Clone)] @@ -102,6 +103,14 @@ pub struct LdapsOpts { pub ldaps_key_file: Option, } +clap::arg_enum! { +#[derive(Clone, Debug, Deserialize, Serialize)] +pub enum SmtpEncryption { + TLS, + STARTTLS, +} +} + #[derive(Debug, Parser, Clone)] #[clap(next_help_heading = Some("SMTP"), setting = clap::AppSettings::DeriveDisplayOrder)] pub struct SmtpOpts { @@ -130,8 +139,11 @@ pub struct SmtpOpts { pub smtp_password: Option, /// Whether TLS should be used to connect to SMTP. - #[clap(long, env = "LLDAP_SMTP_OPTIONS__TLS_REQUIRED")] + #[clap(long, env = "LLDAP_SMTP_OPTIONS__TLS_REQUIRED", setting=clap::ArgSettings::Hidden)] pub smtp_tls_required: Option, + + #[clap(long, env = "LLDAP_SMTP_OPTIONS__ENCRYPTION", possible_values = SmtpEncryption::variants(), case_insensitive = true)] + pub smtp_encryption: Option, } #[derive(Debug, Parser, Clone)] diff --git a/server/src/infra/configuration.rs b/server/src/infra/configuration.rs index 687c3e8..96ef30a 100644 --- a/server/src/infra/configuration.rs +++ b/server/src/infra/configuration.rs @@ -1,6 +1,6 @@ use crate::{ domain::handler::UserId, - infra::cli::{GeneralConfigOpts, LdapsOpts, RunOpts, SmtpOpts, TestEmailOpts}, + infra::cli::{GeneralConfigOpts, LdapsOpts, RunOpts, SmtpEncryption, SmtpOpts, TestEmailOpts}, }; use anyhow::{Context, Result}; use figment::{ @@ -29,8 +29,11 @@ pub struct MailOptions { pub user: String, #[builder(default = r#"SecUtf8::from("")"#)] pub password: SecUtf8, - #[builder(default = "true")] - pub tls_required: bool, + #[builder(default = "SmtpEncryption::TLS")] + pub smtp_encryption: SmtpEncryption, + /// Deprecated. + #[builder(default = "None")] + pub tls_required: Option, } impl std::default::Default for MailOptions { @@ -234,7 +237,7 @@ impl ConfigOverrider for SmtpOpts { config.smtp_options.password = SecUtf8::from(password.clone()); } if let Some(tls_required) = self.smtp_tls_required { - config.smtp_options.tls_required = tls_required; + config.smtp_options.tls_required = Some(tls_required); } } } @@ -268,5 +271,8 @@ where if config.ldap_user_pass == SecUtf8::from("password") { println!("WARNING: Unsecure default admin password is used."); } + if config.smtp_options.tls_required.is_some() { + println!("DEPRECATED: smtp_options.tls_required field is deprecated, it never did anything. You can replace it with smtp_options.smtp_encryption."); + } Ok(config) }