You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@oozie.apache.org by di...@apache.org on 2022/11/29 11:22:35 UTC

[oozie] branch master updated: OOZIE-3673 Add possibility to configure custom SSL/TLS protocols when executing an email action (jmakai via dionusos)

This is an automated email from the ASF dual-hosted git repository.

dionusos pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/oozie.git


The following commit(s) were added to refs/heads/master by this push:
     new 446232940 OOZIE-3673 Add possibility to configure custom SSL/TLS protocols when executing an email action (jmakai via dionusos)
446232940 is described below

commit 446232940773e9dda50ac2f5106617e476147dd1
Author: Denes Bodo <di...@apache.org>
AuthorDate: Tue Nov 29 12:18:34 2022 +0100

    OOZIE-3673 Add possibility to configure custom SSL/TLS protocols when executing an email action (jmakai via dionusos)
---
 .../org/apache/oozie/action/email/EmailActionExecutor.java     |  6 ++++++
 core/src/main/resources/oozie-default.xml                      | 10 ++++++++++
 release-log.txt                                                |  1 +
 3 files changed, 17 insertions(+)

diff --git a/core/src/main/java/org/apache/oozie/action/email/EmailActionExecutor.java b/core/src/main/java/org/apache/oozie/action/email/EmailActionExecutor.java
index f28dd34a3..8250b33cd 100644
--- a/core/src/main/java/org/apache/oozie/action/email/EmailActionExecutor.java
+++ b/core/src/main/java/org/apache/oozie/action/email/EmailActionExecutor.java
@@ -45,6 +45,7 @@ import javax.mail.internet.MimeBodyPart;
 import javax.mail.internet.MimeMessage;
 import javax.mail.internet.MimeMultipart;
 
+import org.apache.commons.lang3.StringUtils;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.fs.FileSystem;
 import org.apache.hadoop.fs.Path;
@@ -75,6 +76,7 @@ public class EmailActionExecutor extends ActionExecutor {
     public static final String EMAIL_SMTP_PASS = CONF_PREFIX + "smtp.password";
     public static final String EMAIL_SMTP_FROM = CONF_PREFIX + "from.address";
     public static final String EMAIL_SMTP_STARTTLS = CONF_PREFIX + "smtp.starttls.enable";
+    public static final String EMAIL_SMTP_SSL_PROTOCOLS = CONF_PREFIX + "smtp.ssl.protocols";
     public static final String EMAIL_SMTP_SOCKET_TIMEOUT_MS = CONF_PREFIX + "smtp.socket.timeout.ms";
     public static final String EMAIL_ATTACHMENT_ENABLED = CONF_PREFIX + "attachment.enabled";
 
@@ -187,6 +189,7 @@ public class EmailActionExecutor extends ActionExecutor {
         String smtpUser = ConfigurationService.get(EMAIL_SMTP_USER);
         String smtpPassword = ConfigurationService.getPassword(EMAIL_SMTP_PASS, "");
         Boolean smtpStarttlsBool = ConfigurationService.getBoolean(EMAIL_SMTP_STARTTLS);
+        String smtpSslProtocols = ConfigurationService.get(EMAIL_SMTP_SSL_PROTOCOLS);
         String fromAddr = ConfigurationService.get(EMAIL_SMTP_FROM);
         Integer timeoutMillisInt = ConfigurationService.getInt(EMAIL_SMTP_SOCKET_TIMEOUT_MS);
 
@@ -195,6 +198,9 @@ public class EmailActionExecutor extends ActionExecutor {
         properties.setProperty("mail.smtp.port", smtpPortInt.toString());
         properties.setProperty("mail.smtp.auth", smtpAuthBool.toString());
         properties.setProperty("mail.smtp.starttls.enable", smtpStarttlsBool.toString());
+        if (smtpStarttlsBool && StringUtils.isNotBlank(smtpSslProtocols)) {
+            properties.setProperty("mail.smtp.ssl.protocols", smtpSslProtocols);
+        }
 
         // Apply sensible timeouts, as defaults are infinite. See https://s.apache.org/javax-mail-timeouts
         properties.setProperty("mail.smtp.connectiontimeout", timeoutMillisInt.toString());
diff --git a/core/src/main/resources/oozie-default.xml b/core/src/main/resources/oozie-default.xml
index 062e13c9b..cf5dc18d5 100644
--- a/core/src/main/resources/oozie-default.xml
+++ b/core/src/main/resources/oozie-default.xml
@@ -3135,6 +3135,16 @@ will be the requeue interval for the actions which are waiting for a long time w
         </description>
     </property>
 
+    <property>
+        <name>oozie.email.smtp.ssl.protocols</name>
+        <value> </value>
+        <description>
+            String property that has the supported protocols enumerated separate by space.
+            The default empty value has no effect.
+            E.g. "TLSv1 TLSv1.1 TLSv1.2"
+        </description>
+    </property>
+
     <property>
       <name>oozie.email.smtp.username</name>
       <value></value>
diff --git a/release-log.txt b/release-log.txt
index 1f9c825ba..a41bfc8fd 100644
--- a/release-log.txt
+++ b/release-log.txt
@@ -1,5 +1,6 @@
 -- Oozie 5.3.0 release (trunk - unreleased)
 
+OOZIE-3673 Add possibility to configure custom SSL/TLS protocols when executing an email action (jmakai via dionusos)
 OOZIE-3675 Upgrade Mockito from 2 to 3.11.2 (jmakai via dionusos)
 OOZIE-3669 Fix purge process for bundles to prevent orphan coordinators (jmakai via dionusos)
 OOZIE-3254 [coordinator] LAST_ONLY and NONE execution modes: possible OutOfMemoryError when there are too many coordinator actions to materialize (jmakai via dionusos)