From a908f93eddd83b03db7b5c7734dbf85dcf96dda7 Mon Sep 17 00:00:00 2001
From: Benjamin Franzke <bfr@qbus.de>
Date: Thu, 14 May 2020 13:57:37 +0200
Subject: [PATCH] [BUGFIX] Fix SMTP encryption migration when plaintext was
 used before

The SMTP SSL/TLS migration introduced in #91070 does not take the case
into account when no SMTP encryption was used at all (that means insecure
plaintext authentication). This could be configured by specifying an empty
string for `transport_smtp_encrypt` in TYPO3 v9.

We do now check for this third option and adapt the migration
to set the value to false, which means symfony/mailer will allow
connection without encryption. Note: symfony/mailer will still try to
start a STARTTLS connection if the server supports that capability.
(That is now default in symfony/mailer and can't be deactivated)

We also fix the default configuration of transport_smtp_encrypt
to be a boolean value. The setting was switched to boolean in #90295
but was forgotten to be adapted here.

Releases: master
Resolves: #91391
Related: #91070
Related: #90295
Change-Id: I16f0f19cf91b92b3a252d2a52c7226dd0eb23296
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/64490
Reviewed-by: Josef Glatz <josefglatz@gmail.com>
Reviewed-by: Torben Hansen <derhansen@gmail.com>
Reviewed-by: Benjamin Franzke <bfr@qbus.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Josef Glatz <josefglatz@gmail.com>
Tested-by: Torben Hansen <derhansen@gmail.com>
Tested-by: Benjamin Franzke <bfr@qbus.de>
---
 typo3/sysext/core/Configuration/DefaultConfiguration.php        | 2 +-
 .../Classes/Service/SilentConfigurationUpgradeService.php       | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/typo3/sysext/core/Configuration/DefaultConfiguration.php b/typo3/sysext/core/Configuration/DefaultConfiguration.php
index bd5bf51027a3..d4ba12d8afd7 100644
--- a/typo3/sysext/core/Configuration/DefaultConfiguration.php
+++ b/typo3/sysext/core/Configuration/DefaultConfiguration.php
@@ -1361,7 +1361,7 @@ return [
     'MAIL' => [ // Mail configurations to tune how \TYPO3\CMS\Core\Mail\ classes will send their mails.
         'transport' => 'sendmail',
         'transport_smtp_server' => 'localhost:25',
-        'transport_smtp_encrypt' => '',
+        'transport_smtp_encrypt' => false,
         'transport_smtp_username' => '',
         'transport_smtp_password' => '',
         'transport_sendmail_command' => '',
diff --git a/typo3/sysext/install/Classes/Service/SilentConfigurationUpgradeService.php b/typo3/sysext/install/Classes/Service/SilentConfigurationUpgradeService.php
index 5f076055f158..d16b622ee9cc 100644
--- a/typo3/sysext/install/Classes/Service/SilentConfigurationUpgradeService.php
+++ b/typo3/sysext/install/Classes/Service/SilentConfigurationUpgradeService.php
@@ -1130,6 +1130,8 @@ class SilentConfigurationUpgradeService
                         // Due to the misleading name (transport_smtp_encrypt) we avoid to set the option to false, but rather remove it.
                         // Note: symfony/mailer provides no way to enforce STARTTLS usage, see https://github.com/symfony/symfony/commit/5b8c4676d059
                         $confManager->removeLocalConfigurationKeysByPath(['MAIL/transport_smtp_encrypt']);
+                    } elseif ($encrypt === '') {
+                        $confManager->setLocalConfigurationValueByPath('MAIL/transport_smtp_encrypt', false);
                     } else {
                         $confManager->setLocalConfigurationValueByPath('MAIL/transport_smtp_encrypt', true);
                     }
-- 
GitLab