From 87a766cb39d896372890e85a9065629864e81ba3 Mon Sep 17 00:00:00 2001
From: Alexander Reelsen <alexander@reelsen.net>
Date: Fri, 29 Jun 2018 14:12:02 +0200
Subject: [PATCH] Watcher: Add ssl.trust email account setting

In order to allow users to specify hosts, where SSL is always trusted,
this setting is exposed. Otherwise the system keystore needs to be
configured properly.

For more info see https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html
---
 .../xpack/watcher/notification/email/EmailService.java     | 7 ++++++-
 .../watcher/notification/email/EmailServiceTests.java      | 2 ++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/email/EmailService.java b/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/email/EmailService.java
index 41a2ecc3bcc80..e928475f94d9c 100644
--- a/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/email/EmailService.java
+++ b/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/email/EmailService.java
@@ -79,6 +79,10 @@ public class EmailService extends NotificationService<Account> {
             Setting.affixKeySetting("xpack.notification.email.account.", "smtp.local_address",
                     (key) -> Setting.simpleString(key, Property.Dynamic, Property.NodeScope));
 
+    private static final Setting.AffixSetting<String> SETTING_SMTP_SSL_TRUST_ADDRESS =
+            Setting.affixKeySetting("xpack.notification.email.account.", "smtp.ssl.trust",
+                    (key) -> Setting.simpleString(key, Property.Dynamic, Property.NodeScope));
+
     private static final Setting.AffixSetting<Integer> SETTING_SMTP_LOCAL_PORT =
             Setting.affixKeySetting("xpack.notification.email.account.", "smtp.local_port",
                     (key) -> Setting.intSetting(key, 25, Property.Dynamic, Property.NodeScope));
@@ -111,6 +115,7 @@ public EmailService(Settings settings, @Nullable CryptoService cryptoService, Cl
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_TIMEOUT, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_CONNECTION_TIMEOUT, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_WRITE_TIMEOUT, (s, o) -> {}, (s, o) -> {});
+        clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_SSL_TRUST_ADDRESS, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_LOCAL_ADDRESS, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_LOCAL_PORT, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_SEND_PARTIAL, (s, o) -> {}, (s, o) -> {});
@@ -168,7 +173,7 @@ public static List<Setting<?>> getSettings() {
         return Arrays.asList(SETTING_DEFAULT_ACCOUNT, SETTING_PROFILE, SETTING_EMAIL_DEFAULTS, SETTING_SMTP_AUTH, SETTING_SMTP_HOST,
                 SETTING_SMTP_PASSWORD, SETTING_SMTP_PORT, SETTING_SMTP_STARTTLS_ENABLE, SETTING_SMTP_USER, SETTING_SMTP_STARTTLS_REQUIRED,
                 SETTING_SMTP_TIMEOUT, SETTING_SMTP_CONNECTION_TIMEOUT, SETTING_SMTP_WRITE_TIMEOUT, SETTING_SMTP_LOCAL_ADDRESS,
-                SETTING_SMTP_LOCAL_PORT, SETTING_SMTP_SEND_PARTIAL, SETTING_SMTP_WAIT_ON_QUIT);
+                SETTING_SMTP_LOCAL_PORT, SETTING_SMTP_SEND_PARTIAL, SETTING_SMTP_WAIT_ON_QUIT, SETTING_SMTP_SSL_TRUST_ADDRESS);
     }
 
 }
diff --git a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/notification/email/EmailServiceTests.java b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/notification/email/EmailServiceTests.java
index d2d4e585afbb7..88bc500f10a2d 100644
--- a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/notification/email/EmailServiceTests.java
+++ b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/notification/email/EmailServiceTests.java
@@ -68,6 +68,7 @@ public void testAccountSmtpPropertyConfiguration() {
                 .put("xpack.notification.email.account.account4.smtp.local_port", "1025")
                 .put("xpack.notification.email.account.account5.smtp.host", "localhost")
                 .put("xpack.notification.email.account.account5.smtp.wait_on_quit", true)
+                .put("xpack.notification.email.account.account5.smtp.ssl.trust", "host1,host2,host3")
                 .build();
         EmailService emailService = new EmailService(settings, null,
                 new ClusterSettings(Settings.EMPTY, new HashSet<>(EmailService.getSettings())));
@@ -100,5 +101,6 @@ public void testAccountSmtpPropertyConfiguration() {
         Account account5 = emailService.getAccount("account5");
         Properties properties5 = account5.getConfig().smtp.properties;
         assertThat(properties5, hasEntry("mail.smtp.quitwait", "true"));
+        assertThat(properties5, hasEntry("mail.smtp.ssl.trust", "host1,host2,host3"));
     }
 }