search

dnnsoftware / Dnn.Platform

DNN (formerly DotNetNuke) is the leading open source web content management platform (CMS) in the Microsoft ecosystem.
https://dnncommunity.org/
MIT License
1.02k stars 749 forks source link

[Bug]: BLOCKING ISSUE after OAUTH test, cannot revert back to SMTP. Suggested fix #5843

Open fablaser opened 12 months ago

fablaser commented 12 months ago

Is there an existing issue for this?

What happened?

I updated my DNN instance from 9.12 to 9.13. After tried to setup OAUTH2 with exchange, I cannot revert back to a working SMTP configuration with anonymous authentication.

You will get the error "C'è un problema nella configurazione del server SMTP. La posta non è stata inviata. An error occurred while attempting to establish an SSL or TLS connection. The host name did not match the name given in the server's SSL certificate. Il certificato remoto non è stato ritenuto valido dalla procedura di convalida." DNN smtp test

Steps to reproduce?

  1. Upgrade to 9.3
  2. Send a test message from EMAil configuration page using anonymous authentication and SSL off. It will work
  3. Try to setup OAUTH, select Exchange Online. Fill TenantID, ClientID, ClientSecret. Save
  4. Revert back to anonymous authentication, SSL off. Save
  5. You will the the error "C'è un problema nella configurazione del server SMTP. La posta non è stata inviata. An error occurred while attempting to establish an SSL or TLS connection. The host name did not match the name given in the server's SSL certificate. Il certificato remoto non è stato ritenuto valido dalla procedura di convalida."

Current Behavior

No response

Expected Behavior

No response

Relevant log output

C'è un problema nella configurazione del server SMTP. La posta non è stata inviata. An error occurred while attempting to establish an SSL or TLS connection. The host name did not match the name given in the server's SSL certificate. Il certificato remoto non è stato ritenuto valido dalla procedura di convalida.

Anything else?

No response

Affected Versions

9.13.0 (latest release)

What browsers are you seeing the problem on?

Firefox

Code of Conduct

fablaser commented 12 months ago

Hello, I found a temporary fix:

When you change in DNN from standard SMTP to oauth, in web.config mail defaultProvider="CoreMailProvider" will change to "MailKitMailProvider".

When you revert back to standard SMTP, the default provider will remain MailKitMailProvider. In order to manually fix the issue, it is necessary to change MailKitMailProvider to CoreMailProvider.

Please, take in consideration to fix this bug.

GerardSmit commented 12 months ago

It seems like the MailKitMailProvider does not respect the setting "SSL off", since it's always set to SecureSocketOptions.Auto instead of SecureSocketOptions.None (http://www.mimekit.net/docs/html/T_MailKit_Security_SecureSocketOptions.htm):

https://github.com/dnnsoftware/Dnn.Platform/blob/7631f2c7f187d7e95983980728565914604d8594/DNN%20Platform/Library/Services/Mail/MailKitMailProvider.cs#L106

fablaser commented 12 months ago

It seems like the MailKitMailProvider does not respect the setting "SSL off", since it's always set to SecureSocketOptions.Auto instead of SecureSocketOptions.None (http://www.mimekit.net/docs/html/T_MailKit_Security_SecureSocketOptions.htm):

https://github.com/dnnsoftware/Dnn.Platform/blob/7631f2c7f187d7e95983980728565914604d8594/DNN%20Platform/Library/Services/Mail/MailKitMailProvider.cs#L106

I don't know, anyway using standard SMTP, DNN should use CoreMailProvider instead of MailKitMailProvider. As I wrote, the default DNN email provider is CoreMailProvider.Using OAUTH, DNN switches to MailKitMailProvider but it will not change when you revert back to SMTP: it remains MailKitMailProvider .

GerardSmit commented 12 months ago

Related code:

https://github.com/dnnsoftware/Dnn.Platform/blob/7631f2c7f187d7e95983980728565914604d8594/Dnn.AdminExperience/Dnn.PersonaBar.Extensions/Services/ServerSettingsSmtpAdminController.cs#L125-L129

GerardSmit commented 12 months ago

It's currently quite tricky on how to handle this. We can remember the original mail provider and restore this once you switch back, however this bring other issues on the table:

  1. Let's say you have mail provider XMailProvider in web.config that doesn't support OAuth.
  2. You switch to OAuth. DNN sees the provider doesn't support OAuth and switches to MailKitProvider and remembers the provider.
  3. You change the provider manually in web.config to YMailProvider.
  4. You switch back to SMTP, causing to restore the original mail provider which is XMailProvider.

We can check if the current provider is MailKitProvider and only then restore it back, but what if you want to keep using MailKitProvider?

I've talked with @valadas about this on Discord in the open source co-coding session. Daniel said it would better to introduce a separate config for the OAuth Mail Provider (for example <oAuthMail>), which is probably better.

What's the best way to tackle this?

fablaser commented 11 months ago

In my humble opinion, you should never manually change the email provider using web.config, but only using web interface. At the moment, any change using web interface is very risky because it can lead to a broken configuration.

Timo-Breumelhof commented 1 month ago

@fablaser I was abel to reproduce this in 09.13.04 Can you please change the original Issue to include the actual issue (the switching to MailKitMailProvider) as that might increase the changes of this getting fixed :-)