From 6f4e38d129ffaf469d40fc8596d3957ee94d21e9 Mon Sep 17 00:00:00 2001
From: AJ Moon <moonmeister@users.noreply.github.com>
Date: Mon, 31 Jul 2017 08:15:01 -0700
Subject: [GH-6366] Add functionality to disable Authentication when connecting
 to SMTP (#6639)

* Issue #6366: Add feature to disable auth for Encrypted connections to SMTP settings.

* Clean PLAIN AUTH Option

* Reorder SMTP server setup and change helptext

* remove unneeded setting and modify logic

* text description change
---
 config/config.json                                 |  3 +-
 model/config.go                                    | 14 ++++
 utils/mail.go                                      | 22 +++---
 .../connection_security_dropdown_setting.jsx       | 19 -----
 webapp/components/admin_console/email_settings.jsx | 81 ++++++++++++++--------
 webapp/i18n/en.json                                |  8 +--
 6 files changed, 80 insertions(+), 67 deletions(-)

diff --git a/config/config.json b/config/config.json
index 0c7144f1a..316e9de01 100644
--- a/config/config.json
+++ b/config/config.json
@@ -129,6 +129,7 @@
         "FeedbackName": "",
         "FeedbackEmail": "test@example.com",
         "FeedbackOrganization": "",
+        "EnableSMTPAuth": false,
         "SMTPUsername": "",
         "SMTPPassword": "",
         "SMTPServer": "dockerhost",
@@ -299,4 +300,4 @@
         "RunJobs": true,
         "RunScheduler": true
     }
-}
\ No newline at end of file
+}
diff --git a/model/config.go b/model/config.go
index a1af59185..02af64477 100644
--- a/model/config.go
+++ b/model/config.go
@@ -262,6 +262,7 @@ type EmailSettings struct {
 	FeedbackName                      string
 	FeedbackEmail                     string
 	FeedbackOrganization              *string
+	EnableSMTPAuth                    *bool
 	SMTPUsername                      string
 	SMTPPassword                      string
 	SMTPServer                        string
@@ -785,6 +786,19 @@ func (o *Config) SetDefaults() {
 		*o.EmailSettings.EmailBatchingInterval = EMAIL_BATCHING_INTERVAL
 	}
 
+	if o.EmailSettings.EnableSMTPAuth == nil {
+		o.EmailSettings.EnableSMTPAuth = new(bool)
+		if o.EmailSettings.ConnectionSecurity == CONN_SECURITY_NONE {
+			*o.EmailSettings.EnableSMTPAuth = false
+		} else {
+			*o.EmailSettings.EnableSMTPAuth = true
+		}
+	}
+
+	if o.EmailSettings.ConnectionSecurity == CONN_SECURITY_PLAIN {
+		o.EmailSettings.ConnectionSecurity = CONN_SECURITY_NONE
+	}
+
 	if o.EmailSettings.SkipServerCertificateVerification == nil {
 		o.EmailSettings.SkipServerCertificateVerification = new(bool)
 		*o.EmailSettings.SkipServerCertificateVerification = false
diff --git a/utils/mail.go b/utils/mail.go
index 4b3102424..41011d67e 100644
--- a/utils/mail.go
+++ b/utils/mail.go
@@ -6,13 +6,14 @@ package utils
 import (
 	"crypto/tls"
 	"fmt"
-	l4g "github.com/alecthomas/log4go"
-	"github.com/mattermost/platform/model"
 	"mime"
 	"net"
 	"net/mail"
 	"net/smtp"
 	"time"
+
+	l4g "github.com/alecthomas/log4go"
+	"github.com/mattermost/platform/model"
 )
 
 func encodeRFC2047Word(s string) string {
@@ -59,22 +60,17 @@ func newSMTPClient(conn net.Conn, config *model.Config) (*smtp.Client, *model.Ap
 		}
 	}
 
-	auth := smtp.PlainAuth("", config.EmailSettings.SMTPUsername, config.EmailSettings.SMTPPassword, config.EmailSettings.SMTPServer+":"+config.EmailSettings.SMTPPort)
-	if config.EmailSettings.ConnectionSecurity == model.CONN_SECURITY_TLS {
-		if err = c.Auth(auth); err != nil {
-			return nil, model.NewLocAppError("SendMail", "utils.mail.new_client.auth.app_error", nil, err.Error())
-		}
-	} else if config.EmailSettings.ConnectionSecurity == model.CONN_SECURITY_STARTTLS {
+	if config.EmailSettings.ConnectionSecurity == model.CONN_SECURITY_STARTTLS {
 		tlsconfig := &tls.Config{
 			InsecureSkipVerify: *config.EmailSettings.SkipServerCertificateVerification,
 			ServerName:         config.EmailSettings.SMTPServer,
 		}
 		c.StartTLS(tlsconfig)
-		if err = c.Auth(auth); err != nil {
-			return nil, model.NewLocAppError("SendMail", "utils.mail.new_client.auth.app_error", nil, err.Error())
-		}
-	} else if config.EmailSettings.ConnectionSecurity == model.CONN_SECURITY_PLAIN {
-		// note: go library only supports PLAIN auth over non-tls connections
+	}
+
+	if *config.EmailSettings.EnableSMTPAuth {
+		auth := smtp.PlainAuth("", config.EmailSettings.SMTPUsername, config.EmailSettings.SMTPPassword, config.EmailSettings.SMTPServer+":"+config.EmailSettings.SMTPPort)
+
 		if err = c.Auth(auth); err != nil {
 			return nil, model.NewLocAppError("SendMail", "utils.mail.new_client.auth.app_error", nil, err.Error())
 		}
diff --git a/webapp/components/admin_console/connection_security_dropdown_setting.jsx b/webapp/components/admin_console/connection_security_dropdown_setting.jsx
index 3a8e5f7fe..b7b283be1 100644
--- a/webapp/components/admin_console/connection_security_dropdown_setting.jsx
+++ b/webapp/components/admin_console/connection_security_dropdown_setting.jsx
@@ -26,23 +26,6 @@ const SECTION_NONE = (
     </tr>
 );
 
-const SECTION_PLAIN = (
-    <tr>
-        <td>
-            <FormattedMessage
-                id='admin.connectionSecurityPlain'
-                defaultMessage='PLAIN'
-            />
-        </td>
-        <td>
-            <FormattedMessage
-                id='admin.connectionSecurityPlainDescription'
-                defaultMessage='Mattermost will connect and authenticate over an insecure connection.'
-            />
-        </td>
-    </tr>
-);
-
 const SECTION_TLS = (
     <tr>
         <td>
@@ -84,7 +67,6 @@ const CONNECTION_SECURITY_HELP_TEXT_EMAIL = (
     >
         <tbody>
             {SECTION_NONE}
-            {SECTION_PLAIN}
             {SECTION_TLS}
             {SECTION_STARTTLS}
         </tbody>
@@ -122,7 +104,6 @@ export function ConnectionSecurityDropdownSettingEmail(props) {
             id='connectionSecurity'
             values={[
                 {value: '', text: Utils.localizeMessage('admin.connectionSecurityNone', 'None')},
-                {value: 'PLAIN', text: Utils.localizeMessage('admin.connectionSecurityPlain')},
                 {value: 'TLS', text: Utils.localizeMessage('admin.connectionSecurityTls', 'TLS (Recommended)')},
                 {value: 'STARTTLS', text: Utils.localizeMessage('admin.connectionSecurityStart')}
             ]}
diff --git a/webapp/components/admin_console/email_settings.jsx b/webapp/components/admin_console/email_settings.jsx
index ddfe3c38f..d7694ebb6 100644
--- a/webapp/components/admin_console/email_settings.jsx
+++ b/webapp/components/admin_console/email_settings.jsx
@@ -32,6 +32,7 @@ export default class EmailSettings extends AdminSettings {
         config.EmailSettings.FeedbackName = this.state.feedbackName;
         config.EmailSettings.FeedbackEmail = this.state.feedbackEmail;
         config.EmailSettings.FeedbackOrganization = this.state.feedbackOrganization;
+        config.EmailSettings.EnableSMTPAuth = this.state.enableSMTPAuth;
         config.EmailSettings.SMTPUsername = this.state.smtpUsername;
         config.EmailSettings.SMTPPassword = this.state.smtpPassword;
         config.EmailSettings.SMTPServer = this.state.smtpServer;
@@ -56,6 +57,7 @@ export default class EmailSettings extends AdminSettings {
             feedbackName: config.EmailSettings.FeedbackName,
             feedbackEmail: config.EmailSettings.FeedbackEmail,
             feedbackOrganization: config.EmailSettings.FeedbackOrganization,
+            enableSMTPAuth: config.EmailSettings.EnableSMTPAuth,
             smtpUsername: config.EmailSettings.SMTPUsername,
             smtpPassword: config.EmailSettings.SMTPPassword,
             smtpServer: config.EmailSettings.SMTPServer,
@@ -202,80 +204,99 @@ export default class EmailSettings extends AdminSettings {
                     disabled={!this.state.sendEmailNotifications}
                 />
                 <TextSetting
-                    id='smtpUsername'
+                    id='smtpServer'
                     label={
                         <FormattedMessage
-                            id='admin.email.smtpUsernameTitle'
-                            defaultMessage='SMTP Server Username:'
+                            id='admin.email.smtpServerTitle'
+                            defaultMessage='SMTP Server:'
                         />
                     }
-                    placeholder={Utils.localizeMessage('admin.email.smtpUsernameExample', 'Ex: "admin@yourcompany.com", "AKIADTOVBGERKLCBV"')}
+                    placeholder={Utils.localizeMessage('admin.email.smtpServerExample', 'Ex: "smtp.yourcompany.com", "email-smtp.us-east-1.amazonaws.com"')}
                     helpText={
                         <FormattedMessage
-                            id='admin.email.smtpUsernameDescription'
-                            defaultMessage=' Obtain this credential from administrator setting up your email server.'
+                            id='admin.email.smtpServerDescription'
+                            defaultMessage='Location of SMTP email server.'
                         />
                     }
-                    value={this.state.smtpUsername}
+                    value={this.state.smtpServer}
                     onChange={this.handleChange}
                     disabled={!this.state.sendEmailNotifications}
                 />
                 <TextSetting
-                    id='smtpPassword'
+                    id='smtpPort'
                     label={
                         <FormattedMessage
-                            id='admin.email.smtpPasswordTitle'
-                            defaultMessage='SMTP Server Password:'
+                            id='admin.email.smtpPortTitle'
+                            defaultMessage='SMTP Server Port:'
                         />
                     }
-                    placeholder={Utils.localizeMessage('admin.email.smtpPasswordExample', 'Ex: "yourpassword", "jcuS8PuvcpGhpgHhlcpT1Mx42pnqMxQY"')}
+                    placeholder={Utils.localizeMessage('admin.email.smtpPortExample', 'Ex: "25", "465", "587"')}
                     helpText={
                         <FormattedMessage
-                            id='admin.email.smtpPasswordDescription'
-                            defaultMessage=' Obtain this credential from administrator setting up your email server.'
+                            id='admin.email.smtpPortDescription'
+                            defaultMessage='Port of SMTP email server.'
                         />
                     }
-                    value={this.state.smtpPassword}
+                    value={this.state.smtpPort}
+                    onChange={this.handleChange}
+                    disabled={!this.state.sendEmailNotifications}
+                />
+                <BooleanSetting
+                    id='enableSMTPAuth'
+                    label={
+                        <FormattedMessage
+                            id='admin.email.enableSMTPAuthTitle'
+                            defaultMessage='Enable SMTP Authentication: '
+                        />
+                    }
+                    helpText={[
+                        <FormattedHTMLMessage
+                            key='admin.email.enableSMTPAuthDesc'
+                            id='admin.email.enableSMTPAuthDesc'
+                            defaultMessage='When true, SMTP Authentication is enabled.'
+                        />
+                    ]}
+                    value={this.state.enableSMTPAuth}
                     onChange={this.handleChange}
                     disabled={!this.state.sendEmailNotifications}
                 />
                 <TextSetting
-                    id='smtpServer'
+                    id='smtpUsername'
                     label={
                         <FormattedMessage
-                            id='admin.email.smtpServerTitle'
-                            defaultMessage='SMTP Server:'
+                            id='admin.email.smtpUsernameTitle'
+                            defaultMessage='SMTP Server Username:'
                         />
                     }
-                    placeholder={Utils.localizeMessage('admin.email.smtpServerExample', 'Ex: "smtp.yourcompany.com", "email-smtp.us-east-1.amazonaws.com"')}
+                    placeholder={Utils.localizeMessage('admin.email.smtpUsernameExample', 'Ex: "admin@yourcompany.com", "AKIADTOVBGERKLCBV"')}
                     helpText={
                         <FormattedMessage
-                            id='admin.email.smtpServerDescription'
-                            defaultMessage='Location of SMTP email server.'
+                            id='admin.email.smtpUsernameDescription'
+                            defaultMessage=' Obtain this credential from administrator setting up your email server.'
                         />
                     }
-                    value={this.state.smtpServer}
+                    value={this.state.smtpUsername}
                     onChange={this.handleChange}
-                    disabled={!this.state.sendEmailNotifications}
+                    disabled={!this.state.sendEmailNotifications || !this.state.enableSMTPAuth}
                 />
                 <TextSetting
-                    id='smtpPort'
+                    id='smtpPassword'
                     label={
                         <FormattedMessage
-                            id='admin.email.smtpPortTitle'
-                            defaultMessage='SMTP Server Port:'
+                            id='admin.email.smtpPasswordTitle'
+                            defaultMessage='SMTP Server Password:'
                         />
                     }
-                    placeholder={Utils.localizeMessage('admin.email.smtpPortExample', 'Ex: "25", "465", "587"')}
+                    placeholder={Utils.localizeMessage('admin.email.smtpPasswordExample', 'Ex: "yourpassword", "jcuS8PuvcpGhpgHhlcpT1Mx42pnqMxQY"')}
                     helpText={
                         <FormattedMessage
-                            id='admin.email.smtpPortDescription'
-                            defaultMessage='Port of SMTP email server.'
+                            id='admin.email.smtpPasswordDescription'
+                            defaultMessage=' Obtain this credential from administrator setting up your email server.'
                         />
                     }
-                    value={this.state.smtpPort}
+                    value={this.state.smtpPassword}
                     onChange={this.handleChange}
-                    disabled={!this.state.sendEmailNotifications}
+                    disabled={!this.state.sendEmailNotifications || !this.state.enableSMTPAuth}
                 />
                 <ConnectionSecurityDropdownSettingEmail
                     value={this.state.connectionSecurity}
diff --git a/webapp/i18n/en.json b/webapp/i18n/en.json
index 57ef37a07..19d3771e7 100755
--- a/webapp/i18n/en.json
+++ b/webapp/i18n/en.json
@@ -203,8 +203,6 @@
   "admin.compliance_table.userId": "Requested By",
   "admin.connectionSecurityNone": "None",
   "admin.connectionSecurityNoneDescription": "Mattermost will connect over an insecure connection.",
-  "admin.connectionSecurityPlain": "PLAIN",
-  "admin.connectionSecurityPlainDescription": "Mattermost will connect and authenticate over an insecure connection.",
   "admin.connectionSecurityStart": "STARTTLS",
   "admin.connectionSecurityStartDescription": "Takes an existing insecure connection and attempts to upgrade it to a secure connection using TLS.",
   "admin.connectionSecurityTest": "Test Connection",
@@ -309,7 +307,7 @@
   "admin.email.selfPush": "Manually enter Push Notification Service location",
   "admin.email.skipServerCertificateVerification.description": "When true, Mattermost will not verify the email server certificate.",
   "admin.email.skipServerCertificateVerification.title": "Skip Server Certificate Verification: ",
-  "admin.email.smtpPasswordDescription": " Obtain this credential from administrator setting up your email server.",
+  "admin.email.smtpPasswordDescription": "The password associated with the SMTP username.",
   "admin.email.smtpPasswordExample": "E.g.: \"yourpassword\", \"jcuS8PuvcpGhpgHhlcpT1Mx42pnqMxQY\"",
   "admin.email.smtpPasswordTitle": "SMTP Server Password:",
   "admin.email.smtpPortDescription": "Port of SMTP email server.",
@@ -318,9 +316,11 @@
   "admin.email.smtpServerDescription": "Location of SMTP email server.",
   "admin.email.smtpServerExample": "E.g.: \"smtp.yourcompany.com\", \"email-smtp.us-east-1.amazonaws.com\"",
   "admin.email.smtpServerTitle": "SMTP Server:",
-  "admin.email.smtpUsernameDescription": " Obtain this credential from administrator setting up your email server.",
+  "admin.email.smtpUsernameDescription": "The username for authenticating to the SMTP server.",
   "admin.email.smtpUsernameExample": "E.g.: \"admin@yourcompany.com\", \"AKIADTOVBGERKLCBV\"",
   "admin.email.smtpUsernameTitle": "SMTP Server Username:",
+  "admin.email.enableSMTPAuthTitle": "Enable SMTP Authentication:",
+  "admin.email.enableSMTPAuthDesc": "When enabled, username and password are used for authenticating to the SMTP server.",
   "admin.email.testing": "Testing...",
   "admin.false": "false",
   "admin.file.enableFileAttachments": "Allow File Sharing:",
-- 
cgit v1.2.3-1-g7c22