From 4eb5b4c4b9aeabf353a30c29d2d744ce3d09191a Mon Sep 17 00:00:00 2001
From: Terrtia
Date: Fri, 28 Jul 2023 11:10:21 +0200
Subject: [PATCH] fix: [MailExporter] improve logs + SMTP over SSL: add an option to validate self signed CA
This exporter use STARTTLS by defaults. If the SMTP server does not support the STARTTLS extension, the client will switch to SSL instead.
---
 bin/exporter/MailExporter.py | 33 +++++++++++++++++++++++++++------
 configs/core.cfg.sample | 4 ++++
 2 files changed, 31 insertions(+), 6 deletions(-)
diff --git a/bin/exporter/MailExporter.py b/bin/exporter/MailExporter.py
index 4b2d4a3a..c4d3f5b5 100755
--- a/bin/exporter/MailExporter.py
+++ b/bin/exporter/MailExporter.py
@@ -8,9 +8,12 @@ Import Content
 """
 import os
+import logging
+import logging.config
 import sys
 from abc import ABC
+from ssl import create_default_context
 import smtplib
 from email.mime.multipart import MIMEMultipart
@@ -22,17 +25,22 @@ sys.path.append(os.environ['AIL_BIN'])
 ##################################
 # Import Project packages
 ##################################
+from lib import ail_logger
 from exporter.abstract_exporter import AbstractExporter
 from lib.ConfigLoader import ConfigLoader
 # from lib.objects.abstract_object import AbstractObject
 # from lib.Tracker import Tracker
+logging.config.dictConfig(ail_logger.get_config(name='modules'))
+
 class MailExporter(AbstractExporter, ABC):
- def __init__(self, host=None, port=None, password=None, user='', sender=''):
+ def __init__(self, host=None, port=None, password=None, user='', sender='', cert_required=None, ca_file=None):
 super().__init__()
 config_loader = ConfigLoader()
+ self.logger = logging.getLogger(f'{self.__class__.__name__}')
+
 if host:
 self.host = host
 self.port = port
@@ -45,6 +53,15 @@ class MailExporter(AbstractExporter, ABC):
 self.pw = config_loader.get_config_str("Notifications", "sender_pw")
 if self.pw == 'None':
 self.pw = None
+ if cert_required is not None:
+ self.cert_required = bool(cert_required)
+ self.ca_file = ca_file
+ else:
+ self.cert_required = config_loader.get_config_boolean("Notifications", "cert_required")
+ if self.cert_required:
+ self.ca_file = config_loader.get_config_str("Notifications", "ca_file")
+ else:
+ self.ca_file = None
 if user:
 self.user = user
 else:
@@ -67,8 +84,12 @@ class MailExporter(AbstractExporter, ABC):
 smtp_server = smtplib.SMTP(self.host, self.port)
 smtp_server.starttls()
 except smtplib.SMTPNotSupportedError:
- print("The server does not support the STARTTLS extension.")
- smtp_server = smtplib.SMTP_SSL(self.host, self.port)
+ self.logger.info(f"The server {self.host}:{self.port} does not support the STARTTLS extension.")
+ if self.cert_required:
+ context = create_default_context(cafile=self.ca_file)
+ else:
+ context = None
+ smtp_server = smtplib.SMTP_SSL(self.host, self.port, context=context)
 smtp_server.ehlo()
 if self.user is not None:
@@ -80,7 +101,7 @@ class MailExporter(AbstractExporter, ABC):
 return smtp_server
 # except Exception as err:
 # traceback.print_tb(err.__traceback__)
- # logger.warning(err)
+ # self.logger.warning(err)
 def _export(self, recipient, subject, body):
 mime_msg = MIMEMultipart()
@@ -95,8 +116,8 @@ class MailExporter(AbstractExporter, ABC):
 smtp_client.quit()
 # except Exception as err:
 # traceback.print_tb(err.__traceback__)
- # logger.warning(err)
- print(f'Send notification: {subject} to {recipient}')
+ # self.logger.warning(err)
+ self.logger.info(f'Send notification: {subject} to {recipient}')
 class MailExporterTracker(MailExporter):
diff --git a/configs/core.cfg.sample b/configs/core.cfg.sample
index bb9054fc..9bdf40a4 100644
--- a/configs/core.cfg.sample
+++ b/configs/core.cfg.sample
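Review bot: In the `@@ -45,6 +53,15 @@` hunk of `__init__`, a missing `cert_required` argument is resolved with `config_loader.get_config_boolean("Notifications", "cert_required")`, but a `core.cfg` created before this commit has no such key. ConfigLoader is not shown here, so confirm the lookup falls back to a value instead of raising when the exporter is constructed. `bool(cert_required)` also maps any non-empty string, including `'False'`, to True, so the tri-state deserves a comment such as `# cert_required: None = read core.cfg, True/False = override; ca_file is only used when validation is on`. Indentation is lost on this page, so it is not visible whether the new block sits inside the `else:` branch of `if host:`; if it does, `self.cert_required` is never set for callers that pass `host`. `__init__` starts before and continues after this hunk.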
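Review bot: In the `@@ -67,8 +84,12 @@` hunk the new `cert_required` check only covers the `SMTP_SSL` fallback inside `except smtplib.SMTPNotSupportedError:`. The default path still calls `smtp_server.starttls()` with no context, and smtplib then negotiates TLS without certificate or hostname verification, so whatever authentication follows `if self.user is not None:` can be completed against an impostor server. Build the context once before the `try:` and pass it to both calls, i.e. `smtp_server.starttls(context=context)` next to the existing `smtplib.SMTP_SSL(self.host, self.port, context=context)`. The plain `smtplib.SMTP` connection opened before the failed `starttls()` is also never closed when the fallback rebinds `smtp_server`; a `smtp_server.close()` at the top of the except branch would release it. The `try:` line and the enclosing method begin outside this hunk.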
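Review bot: In the `@@ -95,8 +116,8 @@` hunk of `_export`, `self.logger.info(f'Send notification: {subject} to {recipient}')` formats eagerly and writes the subject and the recipient address verbatim into the module log. Prefer lazy arguments, `self.logger.info('Send notification: %s to %s', subject, recipient)`, and decide whether recipient addresses belong in an info-level log that may be retained or forwarded. If `subject` can carry text that originates outside the application, stripping CR/LF before logging keeps one notification on one log line. `_export` starts outside this hunk.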
@@ -45,6 +45,10 @@ sender = sender@example.com
 sender_host = smtp.example.com
 sender_port = 1337
 sender_pw = None
+# Only needed for SSL if the mail server don't support TLS (used by default). use this option to validate the server certificate.
+cert_required = False
+# Only needed for the SSL if you want to validate your self signed certificate for SSL
+ca_file =
 # Only needed when the credentials for email server needs a username instead of an email address
 #sender_user = sender
 sender_user =
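Review bot: The two new comments do not say what `cert_required = False` means for the operator: judging by the Python side of this patch, the SMTP-over-SSL fallback then connects without verifying the server certificate, and `ca_file` is read only when `cert_required` is true. Suggested wording: `# Verify the mail server certificate on the SMTP-over-SSL fallback (STARTTLS is tried first). False disables verification.` and `# CA bundle (PEM) used for that verification, e.g. for a self-signed CA; leave empty to use the system trust store.` The empty-value behaviour assumes ConfigLoader returns an empty string for `ca_file =`, so confirm that before documenting it. Shipping the sample with validation enabled would be the safer default if existing deployments can tolerate it.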