Merge pull request #3151 from ywk253100/170830_email_insecure

Expose the insecure flag for email configuration
2024-11-22 18:25:56 +01:00 · 2017-09-15 15:01:30 +08:00 · 2017-09-15 15:01:30 +08:00 · 8d7644b8b5
commit 8d7644b8b5
parent dbf7bf18a7 c43dd782a1
9 changed files with 20 additions and 3 deletions
--- a/docs/swagger.yaml
+++ b/docs/swagger.yaml
@ -2727,6 +2727,9 @@ definitions:
      email_ssl:
        type: boolean
        description: When it's set to true the system will access Email server via TLS by default.  If it's set to false, it still will handle "STARTTLS" from server side.
+      email_insecure:
+        type: boolean
+        description: Whether or not the certificate will be verified when Harbor tries to access the email server.
      ldap_url:
        type: string
        description: The URL of LDAP server.
--- a/src/adminserver/systemcfg/systemcfg.go
+++ b/src/adminserver/systemcfg/systemcfg.go
@ -91,6 +91,10 @@ var (
 			env:   "EMAIL_SSL",
 			parse: parseStringToBool,
 		},
+		common.EmailInsecure: &parser{
+			env:   "EMAIL_INSECURE",
+			parse: parseStringToBool,
+		},
 		common.EmailFrom:     "EMAIL_FROM",
 		common.EmailIdentity: "EMAIL_IDENTITY",
 		common.RegistryURL:   "REGISTRY_URL",
--- a/src/common/const.go
+++ b/src/common/const.go
@ -55,6 +55,7 @@ const (
 	EmailFrom                  = "email_from"
 	EmailSSL                   = "email_ssl"
 	EmailIdentity              = "email_identity"
+	EmailInsecure              = "email_insecure"
 	ProjectCreationRestriction = "project_creation_restriction"
 	VerifyRemoteCert           = "verify_remote_cert"
 	MaxJobWorkers              = "max_job_workers"
--- a/src/common/models/config.go
+++ b/src/common/models/config.go
@ -65,6 +65,7 @@ type Email struct {
 	SSL      bool   `json:"ssl"`
 	Identity string `json:"identity"`
 	From     string `json:"from"`
+	Insecure bool   `json:"insecure"`
 }

 /*
--- a/src/common/utils/test/adminserver.go
+++ b/src/common/utils/test/adminserver.go
@ -50,6 +50,7 @@ var adminServerDefaultConfig = map[string]interface{}{
 	common.EmailPassword:              "password",
 	common.EmailFrom:                  "from",
 	common.EmailSSL:                   true,
+	common.EmailInsecure:              false,
 	common.EmailIdentity:              "",
 	common.ProjectCreationRestriction: common.ProCrtRestrAdmOnly,
 	common.VerifyRemoteCert:           false,
--- a/src/ui/api/config.go
+++ b/src/ui/api/config.go
@ -47,6 +47,7 @@ var (
 		common.EmailFrom,
 		common.EmailSSL,
 		common.EmailIdentity,
+		common.EmailInsecure,
 		common.ProjectCreationRestriction,
 		common.VerifyRemoteCert,
 		common.TokenExpiration,
@ -78,6 +79,7 @@ var (

 	boolKeys = []string{
 		common.EmailSSL,
+		common.EmailInsecure,
 		common.SelfRegistration,
 		common.VerifyRemoteCert,
 	}
--- a/src/ui/api/email.go
+++ b/src/ui/api/email.go
@ -51,7 +51,7 @@ func (e *EmailAPI) Prepare() {
 func (e *EmailAPI) Ping() {
 	var host, username, password, identity string
 	var port int
-	var ssl bool
+	var ssl, insecure bool
 	body := e.Ctx.Input.CopyBody(1 << 32)
 	if body == nil || len(body) == 0 {
 		cfg, err := config.Email()
@ -66,6 +66,7 @@ func (e *EmailAPI) Ping() {
 		password = cfg.Password
 		identity = cfg.Identity
 		ssl = cfg.SSL
+		insecure = cfg.Insecure
 	} else {
 		settings := &struct {
 			Host     string  `json:"email_host"`
@ -74,6 +75,7 @@ func (e *EmailAPI) Ping() {
 			Password *string `json:"email_password"`
 			SSL      bool    `json:"email_ssl"`
 			Identity string  `json:"email_identity"`
+			Insecure bool    `json:"email_insecure"`
 		}{}
 		e.DecodeJSONReq(&settings)

@ -98,11 +100,12 @@ func (e *EmailAPI) Ping() {
 		password = *settings.Password
 		identity = settings.Identity
 		ssl = settings.SSL
+		insecure = settings.Insecure
 	}

 	addr := net.JoinHostPort(host, strconv.Itoa(port))
 	if err := email.Ping(addr, identity, username,
-		password, pingEmailTimeout, ssl, false); err != nil {
+		password, pingEmailTimeout, ssl, insecure); err != nil {
 		log.Debugf("ping %s failed: %v", addr, err)
 		e.CustomAbort(http.StatusBadRequest, err.Error())
 	}
--- a/src/ui/config/config.go
+++ b/src/ui/config/config.go
@ -298,6 +298,7 @@ func Email() (*models.Email, error) {
 	email.SSL = cfg[common.EmailSSL].(bool)
 	email.From = cfg[common.EmailFrom].(string)
 	email.Identity = cfg[common.EmailIdentity].(string)
+	email.Insecure = cfg[common.EmailInsecure].(bool)

 	return email, nil
 }
--- a/src/ui/controllers/base.go
+++ b/src/ui/controllers/base.go
@ -171,7 +171,8 @@ func (cc *CommonController) SendEmail() {
 		settings.Username,
 		settings.Password,
 		60, settings.SSL,
-		false, settings.From,
+		settings.Insecure,
+		settings.From,
 		[]string{email},
 		"Reset Harbor user password",
 		message.String())