mirror of
https://github.com/Radarr/Radarr.git
synced 2024-10-03 22:57:18 +02:00
Fixed: Use general settings cert validation for email
This commit is contained in:
parent
6e502d63c2
commit
ebb1e3131a
@ -7,17 +7,21 @@
|
||||
using MimeKit;
|
||||
using NLog;
|
||||
using NzbDrone.Common.Extensions;
|
||||
using NzbDrone.Common.Http.Dispatchers;
|
||||
using NzbDrone.Core.Security;
|
||||
|
||||
namespace NzbDrone.Core.Notifications.Email
|
||||
{
|
||||
public class Email : NotificationBase<EmailSettings>
|
||||
{
|
||||
private readonly ICertificateValidationService _certificateValidationService;
|
||||
private readonly Logger _logger;
|
||||
|
||||
public override string Name => "Email";
|
||||
|
||||
public Email(Logger logger)
|
||||
public Email(ICertificateValidationService certificateValidationService, Logger logger)
|
||||
{
|
||||
_certificateValidationService = certificateValidationService;
|
||||
_logger = logger;
|
||||
}
|
||||
|
||||
@ -141,6 +145,8 @@ private void Send(MimeMessage email, EmailSettings settings)
|
||||
}
|
||||
}
|
||||
|
||||
client.ServerCertificateValidationCallback = _certificateValidationService.ShouldByPassValidationError;
|
||||
|
||||
_logger.Debug("Connecting to mail server");
|
||||
|
||||
client.Connect(settings.Server, settings.Port, serverOption);
|
||||
|
@ -22,14 +22,27 @@ public X509CertificateValidationService(IConfigService configService, Logger log
|
||||
|
||||
public bool ShouldByPassValidationError(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
|
||||
{
|
||||
if (sender is not SslStream request)
|
||||
var targetHostName = string.Empty;
|
||||
|
||||
if (sender is not SslStream && sender is not string)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
if (sender is SslStream request)
|
||||
{
|
||||
targetHostName = request.TargetHostName;
|
||||
}
|
||||
|
||||
// Mailkit passes host in sender as string
|
||||
if (sender is string stringHost)
|
||||
{
|
||||
targetHostName = stringHost;
|
||||
}
|
||||
|
||||
if (certificate is X509Certificate2 cert2 && cert2.SignatureAlgorithm.FriendlyName == "md5RSA")
|
||||
{
|
||||
_logger.Error("https://{0} uses the obsolete md5 hash in it's https certificate, if that is your certificate, please (re)create certificate with better algorithm as soon as possible.", request.TargetHostName);
|
||||
_logger.Error("https://{0} uses the obsolete md5 hash in it's https certificate, if that is your certificate, please (re)create certificate with better algorithm as soon as possible.", targetHostName);
|
||||
}
|
||||
|
||||
if (sslPolicyErrors == SslPolicyErrors.None)
|
||||
@ -37,12 +50,12 @@ public bool ShouldByPassValidationError(object sender, X509Certificate certifica
|
||||
return true;
|
||||
}
|
||||
|
||||
if (request.TargetHostName == "localhost" || request.TargetHostName == "127.0.0.1")
|
||||
if (targetHostName == "localhost" || targetHostName == "127.0.0.1")
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
var ipAddresses = GetIPAddresses(request.TargetHostName);
|
||||
var ipAddresses = GetIPAddresses(targetHostName);
|
||||
var certificateValidation = _configService.CertificateValidation;
|
||||
|
||||
if (certificateValidation == CertificateValidationType.Disabled)
|
||||
@ -56,7 +69,7 @@ public bool ShouldByPassValidationError(object sender, X509Certificate certifica
|
||||
return true;
|
||||
}
|
||||
|
||||
_logger.Error("Certificate validation for {0} failed. {1}", request.TargetHostName, sslPolicyErrors);
|
||||
_logger.Error("Certificate validation for {0} failed. {1}", targetHostName, sslPolicyErrors);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user