server: deprecate smtp.tls_required, add smtp_encryption

This commit is contained in:
Valentin Tolmer 2022-07-30 15:41:10 +02:00 committed by nitnelave
parent 5a27ae4862
commit cd0ab378ef
2 changed files with 23 additions and 5 deletions

View File

@ -1,5 +1,6 @@
use clap::Parser; use clap::Parser;
use lettre::message::Mailbox; use lettre::message::Mailbox;
use serde::{Deserialize, Serialize};
/// lldap is a lightweight LDAP server /// lldap is a lightweight LDAP server
#[derive(Debug, Parser, Clone)] #[derive(Debug, Parser, Clone)]
@ -102,6 +103,14 @@ pub struct LdapsOpts {
pub ldaps_key_file: Option<String>, pub ldaps_key_file: Option<String>,
} }
clap::arg_enum! {
#[derive(Clone, Debug, Deserialize, Serialize)]
pub enum SmtpEncryption {
TLS,
STARTTLS,
}
}
#[derive(Debug, Parser, Clone)] #[derive(Debug, Parser, Clone)]
#[clap(next_help_heading = Some("SMTP"), setting = clap::AppSettings::DeriveDisplayOrder)] #[clap(next_help_heading = Some("SMTP"), setting = clap::AppSettings::DeriveDisplayOrder)]
pub struct SmtpOpts { pub struct SmtpOpts {
@ -130,8 +139,11 @@ pub struct SmtpOpts {
pub smtp_password: Option<String>, pub smtp_password: Option<String>,
/// Whether TLS should be used to connect to SMTP. /// Whether TLS should be used to connect to SMTP.
#[clap(long, env = "LLDAP_SMTP_OPTIONS__TLS_REQUIRED")] #[clap(long, env = "LLDAP_SMTP_OPTIONS__TLS_REQUIRED", setting=clap::ArgSettings::Hidden)]
pub smtp_tls_required: Option<bool>, pub smtp_tls_required: Option<bool>,
#[clap(long, env = "LLDAP_SMTP_OPTIONS__ENCRYPTION", possible_values = SmtpEncryption::variants(), case_insensitive = true)]
pub smtp_encryption: Option<SmtpEncryption>,
} }
#[derive(Debug, Parser, Clone)] #[derive(Debug, Parser, Clone)]

View File

@ -1,6 +1,6 @@
use crate::{ use crate::{
domain::handler::UserId, domain::handler::UserId,
infra::cli::{GeneralConfigOpts, LdapsOpts, RunOpts, SmtpOpts, TestEmailOpts}, infra::cli::{GeneralConfigOpts, LdapsOpts, RunOpts, SmtpEncryption, SmtpOpts, TestEmailOpts},
}; };
use anyhow::{Context, Result}; use anyhow::{Context, Result};
use figment::{ use figment::{
@ -29,8 +29,11 @@ pub struct MailOptions {
pub user: String, pub user: String,
#[builder(default = r#"SecUtf8::from("")"#)] #[builder(default = r#"SecUtf8::from("")"#)]
pub password: SecUtf8, pub password: SecUtf8,
#[builder(default = "true")] #[builder(default = "SmtpEncryption::TLS")]
pub tls_required: bool, pub smtp_encryption: SmtpEncryption,
/// Deprecated.
#[builder(default = "None")]
pub tls_required: Option<bool>,
} }
impl std::default::Default for MailOptions { impl std::default::Default for MailOptions {
@ -234,7 +237,7 @@ impl ConfigOverrider for SmtpOpts {
config.smtp_options.password = SecUtf8::from(password.clone()); config.smtp_options.password = SecUtf8::from(password.clone());
} }
if let Some(tls_required) = self.smtp_tls_required { if let Some(tls_required) = self.smtp_tls_required {
config.smtp_options.tls_required = tls_required; config.smtp_options.tls_required = Some(tls_required);
} }
} }
} }
@ -268,5 +271,8 @@ where
if config.ldap_user_pass == SecUtf8::from("password") { if config.ldap_user_pass == SecUtf8::from("password") {
println!("WARNING: Unsecure default admin password is used."); println!("WARNING: Unsecure default admin password is used.");
} }
if config.smtp_options.tls_required.is_some() {
println!("DEPRECATED: smtp_options.tls_required field is deprecated, it never did anything. You can replace it with smtp_options.smtp_encryption.");
}
Ok(config) Ok(config)
} }