diff options
| author | Tristan Darricau <github@nicofuma.fr> | 2017-03-19 18:07:14 +0100 |
|---|---|---|
| committer | Tristan Darricau <github@nicofuma.fr> | 2017-03-19 18:07:14 +0100 |
| commit | 552da2e80575c7db28449fd292d6bfa9b8f4b036 (patch) | |
| tree | 6f5336c037f6985bf84ab0eebbce85e925f6ef77 | |
| parent | 67509edd4070b6a8158e1572241a96bc28c8d3c9 (diff) | |
| parent | 0b2369901a4a6f5eb4cbc45981a13a91a1532994 (diff) | |
| download | forums-552da2e80575c7db28449fd292d6bfa9b8f4b036.tar forums-552da2e80575c7db28449fd292d6bfa9b8f4b036.tar.gz forums-552da2e80575c7db28449fd292d6bfa9b8f4b036.tar.bz2 forums-552da2e80575c7db28449fd292d6bfa9b8f4b036.tar.xz forums-552da2e80575c7db28449fd292d6bfa9b8f4b036.zip | |
Merge branch '3.1.x' into 3.2.x
* 3.1.x:
[ticket/13558] Change options prefix and add settings precautions.
[ticket/13558] Make SSL context specific options more SMTP general
[ticket/13558] Add smtp SSL context configuration options
| -rw-r--r-- | phpBB/includes/acp/acp_board.php | 3 | ||||
| -rw-r--r-- | phpBB/includes/functions_messenger.php | 13 | ||||
| -rw-r--r-- | phpBB/language/en/acp/board.php | 7 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migration/data/v31x/add_smtp_ssl_context_config_options.php | 32 |
4 files changed, 54 insertions, 1 deletions
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 05a8b79137..a2644c0e37 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -459,6 +459,9 @@ class acp_board 'smtp_auth_method' => array('lang' => 'SMTP_AUTH_METHOD', 'validate' => 'string', 'type' => 'select', 'method' => 'mail_auth_select', 'explain' => true), 'smtp_username' => array('lang' => 'SMTP_USERNAME', 'validate' => 'string', 'type' => 'text:25:255', 'explain' => true), 'smtp_password' => array('lang' => 'SMTP_PASSWORD', 'validate' => 'string', 'type' => 'password:25:255', 'explain' => true), + 'smtp_verify_peer' => array('lang' => 'SMTP_VERIFY_PEER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), + 'smtp_verify_peer_name' => array('lang' => 'SMTP_VERIFY_PEER_NAME', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), + 'smtp_allow_self_signed'=> array('lang' => 'SMTP_ALLOW_SELF_SIGNED','validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'legend3' => 'ACP_SUBMIT_CHANGES', ) diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php index 526e18528f..757a49003b 100644 --- a/phpBB/includes/functions_messenger.php +++ b/phpBB/includes/functions_messenger.php @@ -1076,7 +1076,18 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = false) } $collector = new \phpbb\error_collector; $collector->install(); - $smtp->socket = fsockopen($config['smtp_host'], $config['smtp_port'], $errno, $errstr, 20); + + $options = array(); + $verify_peer = (bool) $config['smtp_verify_peer']; + $verify_peer_name = (bool) $config['smtp_verify_peer_name']; + $allow_self_signed = (bool) $config['smtp_allow_self_signed']; + $remote_socket = $config['smtp_host'] . ':' . $config['smtp_port']; + + // Set ssl context options, see http://php.net/manual/en/context.ssl.php + $options['ssl'] = array('verify_peer' => $verify_peer, 'verify_peer_name' => $verify_peer_name, 'allow_self_signed' => $allow_self_signed); + $socket_context = stream_context_create($options); + + $smtp->socket = stream_socket_client($remote_socket, $errno, $errstr, 20, STREAM_CLIENT_CONNECT, $socket_context); $collector->uninstall(); $error_contents = $collector->format_errors(); diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index 6a5a4158e3..1a98665973 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -567,6 +567,8 @@ $lang = array_merge($lang, array( 'ENABLE_EMAIL_EXPLAIN' => 'If this is set to disabled no emails will be sent by the board at all. <em>Note the user and admin account activation settings require this setting to be enabled. If currently using “user” or “admin” activation in the activation settings, disabling this setting will disable registration.</em>', 'SEND_TEST_EMAIL' => 'Send a test email', 'SEND_TEST_EMAIL_EXPLAIN' => 'This will send a test email to the address defined in your account.', + 'SMTP_ALLOW_SELF_SIGNED' => 'Allow self-signed SSL certificates', + 'SMTP_ALLOW_SELF_SIGNED_EXPLAIN'=> 'Allow connections to SMTP server with self-signed SSL certificate.<em><strong>Warning:</strong> Allowing self-signed SSL certificates may cause security implications.</em>', 'SMTP_AUTH_METHOD' => 'Authentication method for SMTP', 'SMTP_AUTH_METHOD_EXPLAIN' => 'Only used if a username/password is set, ask your provider if you are unsure which method to use.', 'SMTP_CRAM_MD5' => 'CRAM-MD5', @@ -583,7 +585,12 @@ $lang = array_merge($lang, array( 'SMTP_SETTINGS' => 'SMTP settings', 'SMTP_USERNAME' => 'SMTP username', 'SMTP_USERNAME_EXPLAIN' => 'Only enter a username if your SMTP server requires it.', + 'SMTP_VERIFY_PEER' => 'Verify SSL certificate', + 'SMTP_VERIFY_PEER_EXPLAIN' => 'Require verification of SSL certificate used by SMTP server.<em><strong>Warning:</strong> Connecting peers with unverified SSL certificates may cause security implications.</em>', + 'SMTP_VERIFY_PEER_NAME' => 'Verify SMTP peer name', + 'SMTP_VERIFY_PEER_NAME_EXPLAIN' => 'Require verification of peer name for SMTP servers using SSL / TLS connections.<em><strong>Warning:</strong> Connecting to unverified peers may cause security implications.</em>', 'TEST_EMAIL_SENT' => 'The test email has been sent.<br />If you don’t receive it, please check your emails configuration.<br /><br />If you require assistance, please visit the <a href="https://www.phpbb.com/community/">phpBB support forums</a>.', + 'USE_SMTP' => 'Use SMTP server for email', 'USE_SMTP_EXPLAIN' => 'Select “Yes” if you want or have to send email via a named server instead of the local mail function.', )); diff --git a/phpBB/phpbb/db/migration/data/v31x/add_smtp_ssl_context_config_options.php b/phpBB/phpbb/db/migration/data/v31x/add_smtp_ssl_context_config_options.php new file mode 100644 index 0000000000..92051dc3ca --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v31x/add_smtp_ssl_context_config_options.php @@ -0,0 +1,32 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v31x; + +class add_smtp_ssl_context_config_options extends \phpbb\db\migration\migration +{ + static public function depends_on() + { + return array('\phpbb\db\migration\data\v31x\v3110'); + } + + public function update_data() + { + return array( + // See http://php.net/manual/en/context.ssl.php + array('config.add', array('smtp_verify_peer', 1)), + array('config.add', array('smtp_verify_peer_name', 1)), + array('config.add', array('smtp_allow_self_signed', 0)), + ); + } +} |