diff --git a/framework/quota/src/main/java/org/apache/cloudstack/quota/QuotaAlertManagerImpl.java b/framework/quota/src/main/java/org/apache/cloudstack/quota/QuotaAlertManagerImpl.java index 189a097ebf4..019420c8a09 100644 --- a/framework/quota/src/main/java/org/apache/cloudstack/quota/QuotaAlertManagerImpl.java +++ b/framework/quota/src/main/java/org/apache/cloudstack/quota/QuotaAlertManagerImpl.java @@ -63,6 +63,7 @@ import com.sun.mail.smtp.SMTPMessage; import com.sun.mail.smtp.SMTPSSLTransport; import com.sun.mail.smtp.SMTPTransport; import org.apache.commons.lang3.StringUtils; +import org.apache.commons.lang.BooleanUtils; @Component public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertManager { @@ -116,9 +117,11 @@ public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertMana String smtpPassword = configs.get(QuotaConfig.QuotaSmtpPassword.key()); String emailSender = configs.get(QuotaConfig.QuotaSmtpSender.key()); String smtpEnabledSecurityProtocols = configs.get(QuotaConfig.QuotaSmtpEnabledSecurityProtocols.key()); + String useStartTLSStr = configs.get(QuotaConfig.QuotaSmtpUseStartTLS.key()); + boolean useStartTLS = BooleanUtils.toBoolean(useStartTLSStr); _lockAccountEnforcement = "true".equalsIgnoreCase(configs.get(QuotaConfig.QuotaEnableEnforcement.key())); - _emailQuotaAlert = new EmailQuotaAlert(smtpHost, smtpPort, useAuth, smtpUsername, smtpPassword, emailSender, smtpEnabledSecurityProtocols, _smtpDebug); + _emailQuotaAlert = new EmailQuotaAlert(smtpHost, smtpPort, useAuth, smtpUsername, smtpPassword, emailSender, smtpEnabledSecurityProtocols, useStartTLS, _smtpDebug); return true; } @@ -342,14 +345,16 @@ public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertMana private final String _smtpUsername; private final String _smtpPassword; private final String _emailSender; + private final boolean smtpUseStartTLS; - public EmailQuotaAlert(String smtpHost, int smtpPort, boolean smtpUseAuth, final String smtpUsername, final String smtpPassword, String emailSender, String smtpEnabledSecurityProtocols, boolean smtpDebug) { + public EmailQuotaAlert(String smtpHost, int smtpPort, boolean smtpUseAuth, final String smtpUsername, final String smtpPassword, String emailSender, String smtpEnabledSecurityProtocols, boolean smtpUseStartTLS, boolean smtpDebug) { _smtpHost = smtpHost; _smtpPort = smtpPort; _smtpUseAuth = smtpUseAuth; _smtpUsername = smtpUsername; _smtpPassword = smtpPassword; _emailSender = emailSender; + this.smtpUseStartTLS = smtpUseStartTLS; if (!Strings.isNullOrEmpty(_smtpHost)) { Properties smtpProps = new Properties(); @@ -371,6 +376,10 @@ public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertMana smtpProps.put("mail.smtp.ssl.protocols", smtpEnabledSecurityProtocols); } + if (smtpUseAuth) { + smtpProps.put("mail.smtp.starttls.enable", smtpUseStartTLS); + } + if (!Strings.isNullOrEmpty(smtpUsername) && !Strings.isNullOrEmpty(smtpPassword)) { _smtpSession = Session.getInstance(smtpProps, new Authenticator() { @Override @@ -413,7 +422,7 @@ public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertMana msg.saveChanges(); SMTPTransport smtpTrans = null; - if (_smtpUseAuth) { + if (_smtpUseAuth && !this.smtpUseStartTLS) { smtpTrans = new SMTPSSLTransport(_smtpSession, new URLName("smtp", _smtpHost, _smtpPort, null, _smtpUsername, _smtpPassword)); } else { smtpTrans = new SMTPTransport(_smtpSession, new URLName("smtp", _smtpHost, _smtpPort, null, _smtpUsername, _smtpPassword)); diff --git a/framework/quota/src/main/java/org/apache/cloudstack/quota/constant/QuotaConfig.java b/framework/quota/src/main/java/org/apache/cloudstack/quota/constant/QuotaConfig.java index 14de1ce6b8c..4cb855f4fac 100644 --- a/framework/quota/src/main/java/org/apache/cloudstack/quota/constant/QuotaConfig.java +++ b/framework/quota/src/main/java/org/apache/cloudstack/quota/constant/QuotaConfig.java @@ -54,6 +54,9 @@ public interface QuotaConfig { public static final ConfigKey QuotaSmtpEnabledSecurityProtocols = new ConfigKey("Advanced", String.class, "quota.usage.smtp.enabledSecurityProtocols", "", "White-space separated security protocols; ex: \"TLSv1 TLSv1.1\". Supported protocols: SSLv2Hello, SSLv3, TLSv1, TLSv1.1 and TLSv1.2", true); + public static final ConfigKey QuotaSmtpUseStartTLS = new ConfigKey("Advanced", String.class, "quota.usage.smtp.useStartTLS", "false", + "If set to true and if we enable security via quota.usage.smtp.useAuth, this will enable StartTLS to secure the conection.", true); + enum QuotaEmailTemplateTypes { QUOTA_LOW, QUOTA_EMPTY, QUOTA_UNLOCK_ACCOUNT, QUOTA_STATEMENT } diff --git a/plugins/database/quota/src/main/java/org/apache/cloudstack/quota/QuotaServiceImpl.java b/plugins/database/quota/src/main/java/org/apache/cloudstack/quota/QuotaServiceImpl.java index 80d69b9a533..a8c28a53fe1 100644 --- a/plugins/database/quota/src/main/java/org/apache/cloudstack/quota/QuotaServiceImpl.java +++ b/plugins/database/quota/src/main/java/org/apache/cloudstack/quota/QuotaServiceImpl.java @@ -137,7 +137,7 @@ public class QuotaServiceImpl extends ManagerBase implements QuotaService, Confi @Override public ConfigKey[] getConfigKeys() { return new ConfigKey[] {QuotaPluginEnabled, QuotaEnableEnforcement, QuotaCurrencySymbol, QuotaStatementPeriod, QuotaSmtpHost, QuotaSmtpPort, QuotaSmtpTimeout, - QuotaSmtpUser, QuotaSmtpPassword, QuotaSmtpAuthType, QuotaSmtpSender, QuotaSmtpEnabledSecurityProtocols}; + QuotaSmtpUser, QuotaSmtpPassword, QuotaSmtpAuthType, QuotaSmtpSender, QuotaSmtpEnabledSecurityProtocols, QuotaSmtpUseStartTLS}; } @Override