Source: zabbix Severity: wishlist Tags: patch upstream Dear Maintainer,
Zabbix only supports AUTH PLAIN when talking SMTP. This prevents it from being used with SMTP MTAs that require AUTH LOGIN (like Exchange Online / Office 365). (https://support.zabbix.com/browse/ZBXNEXT-3367) Attached is a patch that allows users to select AUTH LOGIN when configuring the email media type. -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (650, 'testing'), (600, 'unstable'), (500, 'oldoldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: systemd (via /run/systemd/system)
Description: Add AUTH LOGIN support for SMTP (email media types) Enable users to select AUTH LOGIN as authentication method when configuring email media types. . zabbix (1:3.0.7+dfsg-2) unstable; urgency=medium . Author: Michel Meyers <deb...@tcnnet.com> Bug-Debian: https://bugs.debian.org/857287 Bug: https://support.zabbix.com/browse/ZBXNEXT-3367 --- Last-Update: 2017-05-24 --- zabbix-3.0.7+dfsg.orig/frontends/php/app/controllers/CControllerMediatypeCreate.php +++ zabbix-3.0.7+dfsg/frontends/php/app/controllers/CControllerMediatypeCreate.php @@ -32,7 +32,7 @@ class CControllerMediatypeCreate extends 'smtp_security' => 'db media_type.smtp_security|in '.SMTP_CONNECTION_SECURITY_NONE.','.SMTP_CONNECTION_SECURITY_STARTTLS.','.SMTP_CONNECTION_SECURITY_SSL_TLS, 'smtp_verify_peer' => 'db media_type.smtp_verify_peer|in 0,1', 'smtp_verify_host' => 'db media_type.smtp_verify_host|in 0,1', - 'smtp_authentication' => 'db media_type.smtp_authentication|in '.SMTP_AUTHENTICATION_NONE.','.SMTP_AUTHENTICATION_NORMAL, + 'smtp_authentication' => 'db media_type.smtp_authentication|in '.SMTP_AUTHENTICATION_NONE.','.SMTP_AUTHENTICATION_NORMAL.','.SMTP_AUTHENTICATION_NORMAL_LOGIN, 'exec_path' => 'db media_type.exec_path', 'eztext_limit' => 'in '.EZ_TEXTING_LIMIT_USA.','.EZ_TEXTING_LIMIT_CANADA, 'exec_params' => 'array media_type.exec_params', --- zabbix-3.0.7+dfsg.orig/frontends/php/app/controllers/CControllerMediatypeEdit.php +++ zabbix-3.0.7+dfsg/frontends/php/app/controllers/CControllerMediatypeEdit.php @@ -39,7 +39,7 @@ class CControllerMediatypeEdit extends C 'smtp_security' => 'db media_type.smtp_security|in '.SMTP_CONNECTION_SECURITY_NONE.','.SMTP_CONNECTION_SECURITY_STARTTLS.','.SMTP_CONNECTION_SECURITY_SSL_TLS, 'smtp_verify_peer' => 'db media_type.smtp_verify_peer|in 0,1', 'smtp_verify_host' => 'db media_type.smtp_verify_host|in 0,1', - 'smtp_authentication' => 'db media_type.smtp_authentication|in '.SMTP_AUTHENTICATION_NONE.','.SMTP_AUTHENTICATION_NORMAL, + 'smtp_authentication' => 'db media_type.smtp_authentication|in '.SMTP_AUTHENTICATION_NONE.','.SMTP_AUTHENTICATION_NORMAL.','.SMTP_AUTHENTICATION_NORMAL_LOGIN, 'exec_path' => 'db media_type.exec_path', 'eztext_limit' => 'in '.EZ_TEXTING_LIMIT_USA.','.EZ_TEXTING_LIMIT_CANADA, 'exec_params' => 'array media_type.exec_params', --- zabbix-3.0.7+dfsg.orig/frontends/php/app/controllers/CControllerMediatypeUpdate.php +++ zabbix-3.0.7+dfsg/frontends/php/app/controllers/CControllerMediatypeUpdate.php @@ -33,7 +33,7 @@ class CControllerMediatypeUpdate extends 'smtp_security' => 'db media_type.smtp_security|in '.SMTP_CONNECTION_SECURITY_NONE.','.SMTP_CONNECTION_SECURITY_STARTTLS.','.SMTP_CONNECTION_SECURITY_SSL_TLS, 'smtp_verify_peer' => 'db media_type.smtp_verify_peer|in 0,1', 'smtp_verify_host' => 'db media_type.smtp_verify_host|in 0,1', - 'smtp_authentication' => 'db media_type.smtp_authentication|in '.SMTP_AUTHENTICATION_NONE.','.SMTP_AUTHENTICATION_NORMAL, + 'smtp_authentication' => 'db media_type.smtp_authentication|in '.SMTP_AUTHENTICATION_NONE.','.SMTP_AUTHENTICATION_NORMAL.','.SMTP_AUTHENTICATION_NORMAL_LOGIN, 'exec_path' => 'db media_type.exec_path', 'eztext_limit' => 'in '.EZ_TEXTING_LIMIT_USA.','.EZ_TEXTING_LIMIT_CANADA, 'exec_params' => 'array media_type.exec_params', --- zabbix-3.0.7+dfsg.orig/frontends/php/app/views/administration.mediatype.edit.js.php +++ zabbix-3.0.7+dfsg/frontends/php/app/views/administration.mediatype.edit.js.php @@ -106,7 +106,11 @@ $('#smtp_username, #passwd').closest('li').show(); } else { - $('#smtp_username, #passwd').val('').closest('li').hide(); + if ($('input[name=smtp_authentication]:checked').val() == <?= SMTP_AUTHENTICATION_NORMAL_LOGIN ?>) { + $('#smtp_username, #passwd').closest('li').show(); + } else{ + $('#smtp_username, #passwd').val('').closest('li').hide(); + } } } --- zabbix-3.0.7+dfsg.orig/frontends/php/app/views/administration.mediatype.edit.php +++ zabbix-3.0.7+dfsg/frontends/php/app/views/administration.mediatype.edit.php @@ -73,7 +73,8 @@ $mediaTypeFormList ->addRow(_('Authentication'), (new CRadioButtonList('smtp_authentication', (int) $data['smtp_authentication'])) ->addValue(_('None'), SMTP_AUTHENTICATION_NONE) - ->addValue(_('Normal password'), SMTP_AUTHENTICATION_NORMAL) + ->addValue(_('Password (AUTH PLAIN)'), SMTP_AUTHENTICATION_NORMAL) + ->addValue(_('Password (AUTH LOGIN)'), SMTP_AUTHENTICATION_NORMAL_LOGIN) ->setModern(true) ) ->addRow(_('Username'), (new CTextBox('smtp_username', $data['smtp_username']))->setWidth(ZBX_TEXTAREA_SMALL_WIDTH)) --- zabbix-3.0.7+dfsg.orig/frontends/php/include/classes/api/services/CMediatype.php +++ zabbix-3.0.7+dfsg/frontends/php/include/classes/api/services/CMediatype.php @@ -248,7 +248,7 @@ class CMediatype extends CApiService { case MEDIA_TYPE_EMAIL: if (array_key_exists('smtp_authentication', $mediatype)) { $smtp_authentication_validator = new CLimitedSetValidator([ - 'values' => [SMTP_AUTHENTICATION_NONE, SMTP_AUTHENTICATION_NORMAL] + 'values' => [SMTP_AUTHENTICATION_NONE, SMTP_AUTHENTICATION_NORMAL, SMTP_AUTHENTICATION_NORMAL_LOGIN] ]); if (!$smtp_authentication_validator->validate($mediatype['smtp_authentication'])) { @@ -260,7 +260,7 @@ class CMediatype extends CApiService { )); } - if ($mediatype['smtp_authentication'] == SMTP_AUTHENTICATION_NORMAL + if ((($mediatype['smtp_authentication'] == SMTP_AUTHENTICATION_NORMAL) || ($mediatype['smtp_authentication'] == SMTP_AUTHENTICATION_NORMAL_LOGIN)) && (!array_key_exists('passwd', $mediatype) || $mediatype['passwd'] === '' || $mediatype['passwd'] === null)) { self::exception(ZBX_API_ERROR_PARAMETERS, @@ -506,7 +506,7 @@ class CMediatype extends CApiService { case MEDIA_TYPE_EMAIL: if (array_key_exists('smtp_authentication', $mediatype)) { $smtp_authentication_validator = new CLimitedSetValidator([ - 'values' => [SMTP_AUTHENTICATION_NONE, SMTP_AUTHENTICATION_NORMAL] + 'values' => [SMTP_AUTHENTICATION_NONE, SMTP_AUTHENTICATION_NORMAL, SMTP_AUTHENTICATION_NORMAL_LOGIN] ]); if (!$smtp_authentication_validator->validate($mediatype['smtp_authentication'])) { @@ -518,7 +518,7 @@ class CMediatype extends CApiService { )); } - if ($mediatype['smtp_authentication'] == SMTP_AUTHENTICATION_NORMAL) { + if (($mediatype['smtp_authentication'] == SMTP_AUTHENTICATION_NORMAL) || ($mediatype['smtp_authentication'] == SMTP_AUTHENTICATION_NORMAL_LOGIN)) { // Check 'passwd' field when auth is set to 'normal' manually. if ($db_mediatype['smtp_authentication'] == $mediatype['smtp_authentication'] @@ -547,7 +547,7 @@ class CMediatype extends CApiService { } } } - elseif ($db_mediatype['smtp_authentication'] == SMTP_AUTHENTICATION_NORMAL + elseif ((($db_mediatype['smtp_authentication'] == SMTP_AUTHENTICATION_NORMAL) || ($db_mediatype['smtp_authentication'] == SMTP_AUTHENTICATION_NORMAL_LOGIN)) && array_key_exists('passwd', $mediatype) && ($mediatype['passwd'] === '' || $mediatype['passwd'] === null)) { // Check 'passwd' field depeding on authentication set from DB and when it is set to 'normal'. --- zabbix-3.0.7+dfsg.orig/frontends/php/include/defines.inc.php +++ zabbix-3.0.7+dfsg/frontends/php/include/defines.inc.php @@ -492,6 +492,7 @@ define('SMTP_CONNECTION_SECURITY_SSL_TLS define('SMTP_AUTHENTICATION_NONE', 0); define('SMTP_AUTHENTICATION_NORMAL', 1); +define('SMTP_AUTHENTICATION_NORMAL_LOGIN', 2); define('EZ_TEXTING_LIMIT_USA', 0); define('EZ_TEXTING_LIMIT_CANADA', 1); --- zabbix-3.0.7+dfsg.orig/include/common.h +++ zabbix-3.0.7+dfsg/include/common.h @@ -592,6 +592,7 @@ const char *zbx_item_logtype_string(unsi /* SMTP authentication options */ #define SMTP_AUTHENTICATION_NONE 0 #define SMTP_AUTHENTICATION_NORMAL_PASSWORD 1 +#define SMTP_AUTHENTICATION_NORMAL_PASSWORD_LOGIN 2 /* operation types */ #define OPERATION_TYPE_MESSAGE 0 --- zabbix-3.0.7+dfsg.orig/src/libs/zbxmedia/email.c +++ zabbix-3.0.7+dfsg/src/libs/zbxmedia/email.c @@ -602,7 +602,7 @@ static int send_email_curl(const char *s } } - if (SMTP_AUTHENTICATION_NORMAL_PASSWORD == smtp_authentication) + if (SMTP_AUTHENTICATION_NONE != smtp_authentication) { #if 0x071e00 >= LIBCURL_VERSION_NUM /* versions 7.20.0 to 7.30.0 do not support specifying login options */ if (CURLE_OK != (err = curl_easy_setopt(easyhandle, CURLOPT_USERNAME, username)) || @@ -618,11 +618,23 @@ static int send_email_curl(const char *s if (CURLE_OK != (err = curl_easy_setopt(easyhandle, CURLOPT_USERPWD, userpwd))) goto error; #else /* versions 7.34.0 and above support explicit CURLOPT_LOGIN_OPTIONS */ - if (CURLE_OK != (err = curl_easy_setopt(easyhandle, CURLOPT_USERNAME, username)) || - CURLE_OK != (err = curl_easy_setopt(easyhandle, CURLOPT_PASSWORD, password)) || - CURLE_OK != (err = curl_easy_setopt(easyhandle, CURLOPT_LOGIN_OPTIONS, "AUTH=PLAIN"))) + if (SMTP_AUTHENTICATION_NORMAL_PASSWORD == smtp_authentication) { - goto error; + if (CURLE_OK != (err = curl_easy_setopt(easyhandle, CURLOPT_USERNAME, username)) || + CURLE_OK != (err = curl_easy_setopt(easyhandle, CURLOPT_PASSWORD, password)) || + CURLE_OK != (err = curl_easy_setopt(easyhandle, CURLOPT_LOGIN_OPTIONS, "AUTH=PLAIN"))) + { + goto error; + } + } + if (SMTP_AUTHENTICATION_NORMAL_PASSWORD_LOGIN == smtp_authentication) + { + if (CURLE_OK != (err = curl_easy_setopt(easyhandle, CURLOPT_USERNAME, username)) || + CURLE_OK != (err = curl_easy_setopt(easyhandle, CURLOPT_PASSWORD, password)) || + CURLE_OK != (err = curl_easy_setopt(easyhandle, CURLOPT_LOGIN_OPTIONS, "AUTH=LOGIN"))) + { + goto error; + } } #endif }