Introduced SMTP TLS version to default mail service and send email node

* added tlsVersion to TbSendEmailNode * added tlsVersion to DefaultMailService * added check tlsVersion for old version
2020-02-15 11:47:52 +02:00 · 2020-02-15 11:47:52 +02:00 · 416c3fd10e
commit 416c3fd10e
parent 03f5375a02
23 changed files with 3324 additions and 3272 deletions
--- a/application/src/main/java/org/thingsboard/server/service/install/DefaultSystemDataLoaderService.java
+++ b/application/src/main/java/org/thingsboard/server/service/install/DefaultSystemDataLoaderService.java
@ -106,9 +106,10 @@ public class DefaultSystemDataLoaderService implements SystemDataLoaderService {
        node.put("smtpHost", "localhost");
        node.put("smtpPort", "25");
        node.put("timeout", "10000");
-        node.put("enableTls", "false");
+        node.put("enableTls", false);
        node.put("username", "");
-        node.put("password", ""); //NOSONAR, key used to identify password field (not password value itself)
+        node.put("password", "");
+        node.put("tlsVersion", "TLSv1.2");//NOSONAR, key used to identify password field (not password value itself)
        mailSettings.setJsonValue(node);
        adminSettingsService.saveAdminSettings(TenantId.SYS_TENANT_ID, mailSettings);
    }
--- a/application/src/main/java/org/thingsboard/server/service/mail/DefaultMailService.java
+++ b/application/src/main/java/org/thingsboard/server/service/mail/DefaultMailService.java
@ -103,7 +103,11 @@ public class DefaultMailService implements MailService {
        javaMailProperties.put(MAIL_PROP + protocol + ".port", jsonConfig.get("smtpPort").asText());
        javaMailProperties.put(MAIL_PROP + protocol + ".timeout", jsonConfig.get("timeout").asText());
        javaMailProperties.put(MAIL_PROP + protocol + ".auth", String.valueOf(StringUtils.isNotEmpty(jsonConfig.get("username").asText())));
-        javaMailProperties.put(MAIL_PROP + protocol + ".starttls.enable", jsonConfig.has("enableTls") ? jsonConfig.get("enableTls").asText() : "false");
+        boolean enableTls = jsonConfig.has("enableTls") && jsonConfig.get("enableTls").booleanValue();
+        javaMailProperties.put(MAIL_PROP + protocol + ".starttls.enable", enableTls);
+        if (enableTls && jsonConfig.has("tlsVersion") && StringUtils.isNoneEmpty(jsonConfig.get("tlsVersion").asText())) {
+            javaMailProperties.put(MAIL_PROP + protocol + ".ssl.protocols", jsonConfig.get("tlsVersion").asText());
+        }
        return javaMailProperties;
    }

@ -213,7 +217,7 @@ public class DefaultMailService implements MailService {
    }

    @Override
-    public void sendAccountLockoutEmail( String lockoutEmail, String email, Integer maxFailedLoginAttempts) throws ThingsboardException {
+    public void sendAccountLockoutEmail(String lockoutEmail, String email, Integer maxFailedLoginAttempts) throws ThingsboardException {
        String subject = messages.getMessage("account.lockout.subject", null, Locale.US);

        Map<String, Object> model = new HashMap<String, Object>();
@ -244,7 +248,7 @@ public class DefaultMailService implements MailService {
    }

    private static String mergeTemplateIntoString(VelocityEngine velocityEngine, String templateLocation,
-                                                 String encoding, Map<String, Object> model) throws VelocityException {
+                                                  String encoding, Map<String, Object> model) throws VelocityException {

        StringWriter result = new StringWriter();
        mergeTemplate(velocityEngine, templateLocation, encoding, model, result);
--- a/dao/src/main/resources/cassandra/system-data.cql
+++ b/dao/src/main/resources/cassandra/system-data.cql
@ -38,7 +38,8 @@ VALUES ( now ( ), 'mail', '{
 	"smtpHost": "localhost",
 	"smtpPort": "25",
 	"timeout": "10000",
-	"enableTls": "false",
+	"enableTls": false,
+	"tlsVersion": "TLSv1.2",
 	"username": "",
 	"password": ""
 }' );
--- a/dao/src/main/resources/sql/system-data.sql
+++ b/dao/src/main/resources/sql/system-data.sql
@ -38,7 +38,8 @@ VALUES ( '1e746126eaaefa6a91992ebcb67fe33', 'mail', '{
 	"smtpHost": "localhost",
 	"smtpPort": "25",
 	"timeout": "10000",
-	"enableTls": "false",
+	"enableTls": false,
+	"tlsVersion": "TLSv1.2",
 	"username": "",
 	"password": ""
 }' );
--- a/rule-engine/rule-engine-components/src/main/java/org/thingsboard/rule/engine/mail/TbSendEmailNode.java
+++ b/rule-engine/rule-engine-components/src/main/java/org/thingsboard/rule/engine/mail/TbSendEmailNode.java
@ -20,8 +20,12 @@ import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.mail.javamail.JavaMailSenderImpl;
 import org.springframework.mail.javamail.MimeMessageHelper;
+import org.thingsboard.rule.engine.api.RuleNode;
+import org.thingsboard.rule.engine.api.TbContext;
+import org.thingsboard.rule.engine.api.TbNode;
+import org.thingsboard.rule.engine.api.TbNodeConfiguration;
+import org.thingsboard.rule.engine.api.TbNodeException;
 import org.thingsboard.rule.engine.api.util.TbNodeUtils;
-import org.thingsboard.rule.engine.api.*;
 import org.thingsboard.server.common.data.plugin.ComponentType;
 import org.thingsboard.server.common.msg.TbMsg;

@ -137,10 +141,13 @@ public class TbSendEmailNode implements TbNode {
        String protocol = this.config.getSmtpProtocol();
        javaMailProperties.put("mail.transport.protocol", protocol);
        javaMailProperties.put(MAIL_PROP + protocol + ".host", this.config.getSmtpHost());
-        javaMailProperties.put(MAIL_PROP + protocol + ".port", this.config.getSmtpPort()+"");
-        javaMailProperties.put(MAIL_PROP + protocol + ".timeout", this.config.getTimeout()+"");
+        javaMailProperties.put(MAIL_PROP + protocol + ".port", this.config.getSmtpPort() + "");
+        javaMailProperties.put(MAIL_PROP + protocol + ".timeout", this.config.getTimeout() + "");
        javaMailProperties.put(MAIL_PROP + protocol + ".auth", String.valueOf(StringUtils.isNotEmpty(this.config.getUsername())));
        javaMailProperties.put(MAIL_PROP + protocol + ".starttls.enable", Boolean.valueOf(this.config.isEnableTls()).toString());
+        if (this.config.isEnableTls() && StringUtils.isNoneEmpty(this.config.getTlsVersion())) {
+            javaMailProperties.put(MAIL_PROP + protocol + ".ssl.protocols", this.config.getTlsVersion());
+        }
        return javaMailProperties;
    }
 }
--- a/rule-engine/rule-engine-components/src/main/java/org/thingsboard/rule/engine/mail/TbSendEmailNodeConfiguration.java
+++ b/rule-engine/rule-engine-components/src/main/java/org/thingsboard/rule/engine/mail/TbSendEmailNodeConfiguration.java
@ -29,6 +29,7 @@ public class TbSendEmailNodeConfiguration implements NodeConfiguration {
    private String smtpProtocol;
    private int timeout;
    private boolean enableTls;
+    private String tlsVersion;

    @Override
    public TbSendEmailNodeConfiguration defaultConfiguration() {
@ -39,6 +40,7 @@ public class TbSendEmailNodeConfiguration implements NodeConfiguration {
        configuration.setSmtpPort(25);
        configuration.setTimeout(10000);
        configuration.setEnableTls(false);
+        configuration.setTlsVersion("TLSv1.2");
        return configuration;
    }
 }
--- a/ui/src/app/admin/outgoing-mail-settings.tpl.html
+++ b/ui/src/app/admin/outgoing-mail-settings.tpl.html
@ -78,8 +78,12 @@
 				              <div translate ng-message="md-maxlength">admin.timeout-invalid</div>
 	       				</div>				
 					</md-input-container>	
-					<md-checkbox ng-disabled="$root.loading" ng-true-value="'true'" ng-false-value="'false'"
+					<md-checkbox ng-disabled="$root.loading"
 								 aria-label="{{ 'admin.enable-tls' | translate }}" ng-model="vm.settings.jsonValue.enableTls">{{ 'admin.enable-tls' | translate }}</md-checkbox>
+					<md-input-container class="md-block" ng-if="vm.settings.jsonValue.enableTls">
+						<label translate>admin.tls-version</label>
+						<input name="tlsVersion" placeholder="{{ 'admin.enter-tls-version' | translate }}" ng-model="vm.settings.jsonValue.tlsVersion">
+					</md-input-container>
 					<md-input-container class="md-block">
 						<label translate>common.username</label>
 						<input name="username" placeholder="{{ 'common.enter-username' | translate }}" ng-model="vm.settings.jsonValue.username">
--- a/ui/src/app/locale/locale.constant-cs_CZ.json
+++ b/ui/src/app/locale/locale.constant-cs_CZ.json
@ -83,6 +83,8 @@
        "timeout-required": "Hodnota Časový limit je povinná.",
        "timeout-invalid": "Tohle nevypadá jako platný časový limit.",
        "enable-tls": "Povolit TLS",
+        "tls-version": "Verze TLS",
+        "enter-tls-version" : "Zadejte verzi TLS",
        "send-test-mail": "Odeslat testovací zprávu"
    },
    "alarm": {
--- a/ui/src/app/locale/locale.constant-de_DE.json
+++ b/ui/src/app/locale/locale.constant-de_DE.json
@ -83,6 +83,8 @@
    "timeout-required": "Wartezeit ist erforderlich.",
    "timeout-invalid": "Das ist keine gültige Wartezeit.",
    "enable-tls": "TLS aktivieren",
+    "tls-version" : "TLS-Version",
+    "enter-tls-version" : "Geben Sie die TLS-Version ein",
    "send-test-mail": "Test E-Mail senden",
    "security-settings": "Sicherheitseinstellungen",
    "password-policy": "Kennwortrichtlinie",
--- a/ui/src/app/locale/locale.constant-el_GR.json
+++ b/ui/src/app/locale/locale.constant-el_GR.json
@ -88,6 +88,8 @@
    "timeout-required": "Απαιτείται τιμή Timeout.",
    "timeout-invalid": "Αυτή δε φαίνεται να είναι μια έγκυρη τιμή timeout.",
    "enable-tls": "Ενεργοποίηση TLS",
+    "tls-version": "Έκδοση TLS",
+    "enter-tls-version" : "Εισαγάγετε την έκδοση TLS",
    "send-test-mail": "Αποστολή δοκιμαστικού μηνύματος",
    "use-system-mail-settings": "Χρήση των ρυθμίσεων διακομιστή αλληλογραφίας συστήματος",
    "mail-templates": "Πρότυπα αλληλογραφίας",
--- a/ui/src/app/locale/locale.constant-en_US.json
+++ b/ui/src/app/locale/locale.constant-en_US.json
@ -86,6 +86,8 @@
        "timeout-required": "Timeout is required.",
        "timeout-invalid": "That doesn't look like a valid timeout.",
        "enable-tls": "Enable TLS",
+        "tls-version": "TLS version",
+        "enter-tls-version" : "Enter TLS version",
        "send-test-mail": "Send test mail",
        "security-settings": "Security settings",
        "password-policy": "Password policy",
--- a/ui/src/app/locale/locale.constant-es_ES.json
+++ b/ui/src/app/locale/locale.constant-es_ES.json
@ -85,6 +85,8 @@
        "timeout-required": "Tiempo de espera es requerido.",
        "timeout-invalid": "Eso no parece un tiempo de espera válido.",
        "enable-tls": "Habilitar TLS",
+        "tls-version": "Versión TLS",
+        "enter-tls-version" : "Ingrese la versión de TLS",
        "send-test-mail": "Enviar correo de prueba",
        "password-policy": "Política de contraseñas",
        "security-settings": "Configuraciones de seguridad",
--- a/ui/src/app/locale/locale.constant-fa_IR.json
+++ b/ui/src/app/locale/locale.constant-fa_IR.json
@ -83,6 +83,8 @@
        "timeout-required": ".مهلت مورد نياز است",
        "timeout-invalid": ".مهلت، به نظر نمي آيد معتبر باشد",
        "enable-tls": "TLS فعال سازي",
+        "tls-version": "نسخه TLS",
+        "enter-tls-version" : "نسخه TLS را وارد کنید",
        "send-test-mail": "ارسال پيام آزمايشي"
    },
    "alarm": {
--- a/ui/src/app/locale/locale.constant-fr_FR.json
+++ b/ui/src/app/locale/locale.constant-fr_FR.json
--- a/ui/src/app/locale/locale.constant-it_IT.json
+++ b/ui/src/app/locale/locale.constant-it_IT.json
@ -84,6 +84,8 @@
        "timeout-required": "Timeout obbligatorio.",
        "timeout-invalid": "Timeout non valido.",
        "enable-tls": "Abilita TLS",
+        "tls-version" : "Versione TLS",
+        "enter-tls-version" : "Inserisci la versione TLS",
        "send-test-mail": "Invia mail di test",
        "security-settings": "Settaggi di sicurezza",
        "password-policy": "Politica password",
--- a/ui/src/app/locale/locale.constant-ja_JA.json
+++ b/ui/src/app/locale/locale.constant-ja_JA.json
--- a/ui/src/app/locale/locale.constant-ko_KR.json
+++ b/ui/src/app/locale/locale.constant-ko_KR.json
@ -83,6 +83,8 @@
        "timeout-required": "제한시간을 입력해야 합니다.",
        "timeout-invalid": "올바른 제한시간이 아닙니다.",
        "enable-tls": "TLS 사용",
+        "tls-version" : "TLS 버전",
+        "enter-tls-version" : "TLS 버전을 입력하세요",
        "send-test-mail": "테스트 메일 보내기"
    },
    "alarm": {
--- a/ui/src/app/locale/locale.constant-lv_LV.json
+++ b/ui/src/app/locale/locale.constant-lv_LV.json
@ -84,6 +84,8 @@
        "timeout-required": "Timeout is required.",
        "timeout-invalid": "That doesn't look like a valid timeout.",
        "enable-tls": "Enable TLS",
+        "tls-version": "TLS version",
+        "enter-tls-version" : "Enter TLS version",
        "send-test-mail": "Send test mail"
    },
    "alarm": {
--- a/ui/src/app/locale/locale.constant-ru_RU.json
+++ b/ui/src/app/locale/locale.constant-ru_RU.json
@ -85,6 +85,8 @@
        "timeout-required": "Таймаут обязателен.",
        "timeout-invalid": "Недействительный таймаут.",
        "enable-tls": "Включить TLS",
+        "tls-version" : "Версия TLS",
+        "enter-tls-version" : "Введите версию TLS",
        "send-test-mail": "Отправить пробное письмо",
        "security-settings": "Настройки безопасности",
        "password-policy": "Политика паролей",
--- a/ui/src/app/locale/locale.constant-tr_TR.json
+++ b/ui/src/app/locale/locale.constant-tr_TR.json
@ -83,6 +83,8 @@
        "timeout-required": "Zaman aşımı değeri gerekli.",
        "timeout-invalid": "Bu geçerli bir zaman aşımı gibi görünmüyor.",
        "enable-tls": "TLS'i etkinleştir.",
+        "tls-version" : "TLS sürümü",
+        "enter-tls-version" : "TLS sürümünü girin",
        "send-test-mail": "Test e-postası gönder"
    },
    "alarm": {
--- a/ui/src/app/locale/locale.constant-uk_UA.json
+++ b/ui/src/app/locale/locale.constant-uk_UA.json
@ -87,6 +87,8 @@
        "timeout-required": "Необхідно задати час очікування.",
        "timeout-invalid": "Це не схоже на правильний час очікування.",
        "enable-tls": "Увімкнути TLS",
+        "tls-version" : "Версія TLS",
+        "enter-tls-version" : "Вкажіть версію TLS",
        "send-test-mail": "Надіслати тестове повідомлення",
        "use-system-mail-settings": "Використовувати параметри системного поштового сервера",
        "mail-templates": "Шаблони електронної пошти",
--- a/ui/src/app/locale/locale.constant-zh_CN.json
+++ b/ui/src/app/locale/locale.constant-zh_CN.json
@ -83,6 +83,8 @@
        "timeout-required": "超时必填。",
        "timeout-invalid": "这看起来不像有效的超时值。",
        "enable-tls": "启用TLS",
+        "tls-version" : "TLS版本",
+        "enter-tls-version" : "输入TLS版本",
        "send-test-mail": "发送测试邮件"
    },
    "alarm": {
--- a/ui/src/app/locale/locale.constant-zh_TW.json
+++ b/ui/src/app/locale/locale.constant-zh_TW.json
@ -83,6 +83,8 @@
         "timeout-required": "超時必填。",
         "timeout-invalid": "這看起來不像有效的超時值。",
         "enable-tls": "啟用TLS",
+        "tls-version": "TLS版本",
+        "enter-tls-version" : "输入TLS版本",
         "send-test-mail": "發送測試郵件"
     },
     "alarm": {