Externalize TLS version on Quota's mailing (#4583)

Co-authored-by: Daniel Augusto Veronezi Salvador <daniel@scclouds.com.br>
2025-10-26 08:42:29 +01:00 · 2021-02-24 08:15:12 -03:00 · 2021-02-24 08:15:12 -03:00 · 31771186fa
commit 31771186fa
parent eba186aa40
3 changed files with 12 additions and 3 deletions
--- a/framework/quota/src/main/java/org/apache/cloudstack/quota/QuotaAlertManagerImpl.java
+++ b/framework/quota/src/main/java/org/apache/cloudstack/quota/QuotaAlertManagerImpl.java
@ -62,6 +62,7 @@ import com.google.common.base.Strings;
 import com.sun.mail.smtp.SMTPMessage;
 import com.sun.mail.smtp.SMTPSSLTransport;
 import com.sun.mail.smtp.SMTPTransport;
+import org.apache.commons.lang3.StringUtils;

@Component
 public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertManager {
@ -114,8 +115,9 @@ public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertMana
        String smtpUsername = configs.get(QuotaConfig.QuotaSmtpUser.key());
        String smtpPassword = configs.get(QuotaConfig.QuotaSmtpPassword.key());
        String emailSender = configs.get(QuotaConfig.QuotaSmtpSender.key());
+        String smtpEnabledSecurityProtocols = configs.get(QuotaConfig.QuotaSmtpEnabledSecurityProtocols.key());
        _lockAccountEnforcement = "true".equalsIgnoreCase(configs.get(QuotaConfig.QuotaEnableEnforcement.key()));
-        _emailQuotaAlert = new EmailQuotaAlert(smtpHost, smtpPort, useAuth, smtpUsername, smtpPassword, emailSender, _smtpDebug);
+        _emailQuotaAlert = new EmailQuotaAlert(smtpHost, smtpPort, useAuth, smtpUsername, smtpPassword, emailSender, smtpEnabledSecurityProtocols, _smtpDebug);

        return true;
    }
@ -341,7 +343,7 @@ public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertMana
        private final String _smtpPassword;
        private final String _emailSender;

-        public EmailQuotaAlert(String smtpHost, int smtpPort, boolean smtpUseAuth, final String smtpUsername, final String smtpPassword, String emailSender, boolean smtpDebug) {
+        public EmailQuotaAlert(String smtpHost, int smtpPort, boolean smtpUseAuth, final String smtpUsername, final String smtpPassword, String emailSender, String smtpEnabledSecurityProtocols, boolean smtpDebug) {
            _smtpHost = smtpHost;
            _smtpPort = smtpPort;
            _smtpUseAuth = smtpUseAuth;
@ -365,6 +367,10 @@ public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertMana
                    smtpProps.put("mail.smtps.user", smtpUsername);
                }

+                if (StringUtils.isNotBlank(smtpEnabledSecurityProtocols)) {
+                    smtpProps.put("mail.smtp.ssl.protocols", smtpEnabledSecurityProtocols);
+                }
+
                if (!Strings.isNullOrEmpty(smtpUsername) && !Strings.isNullOrEmpty(smtpPassword)) {
                    _smtpSession = Session.getInstance(smtpProps, new Authenticator() {
                        @Override
--- a/framework/quota/src/main/java/org/apache/cloudstack/quota/constant/QuotaConfig.java
+++ b/framework/quota/src/main/java/org/apache/cloudstack/quota/constant/QuotaConfig.java
@ -51,6 +51,9 @@ public interface QuotaConfig {
    public static final ConfigKey<String> QuotaSmtpSender = new ConfigKey<String>("Advanced", String.class, "quota.usage.smtp.sender", "",
            "Sender of quota alert email (will be in the From header of the email)", true);

+    public static final ConfigKey<String> QuotaSmtpEnabledSecurityProtocols = new ConfigKey<String>("Advanced", String.class, "quota.usage.smtp.enabledSecurityProtocols", "",
+            "White-space separated security protocols; ex: \"TLSv1 TLSv1.1\". Supported protocols: SSLv2Hello, SSLv3, TLSv1, TLSv1.1 and TLSv1.2", true);
+
    enum QuotaEmailTemplateTypes {
        QUOTA_LOW, QUOTA_EMPTY, QUOTA_UNLOCK_ACCOUNT, QUOTA_STATEMENT
    }
--- a/plugins/database/quota/src/main/java/org/apache/cloudstack/quota/QuotaServiceImpl.java
+++ b/plugins/database/quota/src/main/java/org/apache/cloudstack/quota/QuotaServiceImpl.java
@ -137,7 +137,7 @@ public class QuotaServiceImpl extends ManagerBase implements QuotaService, Confi
    @Override
    public ConfigKey<?>[] getConfigKeys() {
        return new ConfigKey<?>[] {QuotaPluginEnabled, QuotaEnableEnforcement, QuotaCurrencySymbol, QuotaStatementPeriod, QuotaSmtpHost, QuotaSmtpPort, QuotaSmtpTimeout,
-                QuotaSmtpUser, QuotaSmtpPassword, QuotaSmtpAuthType, QuotaSmtpSender};
+                QuotaSmtpUser, QuotaSmtpPassword, QuotaSmtpAuthType, QuotaSmtpSender, QuotaSmtpEnabledSecurityProtocols};
    }

    @Override