diff --git a/sbacInstaller/artifacts/scripts/sbacProcessXML.pl b/sbacInstaller/artifacts/scripts/sbacProcessXML.pl old mode 100755 new mode 100644 index 046cac3..c675e5f --- a/sbacInstaller/artifacts/scripts/sbacProcessXML.pl +++ b/sbacInstaller/artifacts/scripts/sbacProcessXML.pl @@ -1,12 +1,16 @@ #!/usr/bin/perl use strict; +use warnings; use Net::LDAP; use Net::LDAP::Util qw(ldap_error_text); use Net::SMTP; use File::Copy qw(move); use LWP::UserAgent; use HTTP::Request; +use Email::Sender::Simple qw(sendmail); +use Email::Stuffer; +use Email::Sender::Transport::SMTPS (); ################################################################################################### # Educational Online Test Delivery System # @@ -36,6 +40,8 @@ # # # Change Log: # # # +# 09/09/2016 - Updated email subroutine to use new libraries that allow email authentication # +# w/server # # 11/27/2015 - Modified processPasswordReset() to allow optional app defined message to be # # included in password reset message. # # 02/27/2015 - Added translation of encoded CERs to Tenancy Chain received through XML # 
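Review bot: `use Net::SMTP;` stays in the import list although the visible hunks replace every Net::SMTP call in sendEmail with Email::Stuffer and Email::Sender; if nothing outside these hunks still uses it, the line can be dropped. The file header also records a mode change from 100755 to 100644, which removes the executable bit from a script that starts with `#!/usr/bin/perl`. If the installer or a scheduler runs the file directly, that will fail, so confirm the mode change is intended.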
@@ -98,30 +104,35 @@ my $consoleOutput = 0; # (0) - 0 = disable console messages; 1 = enable console messages my $sendHTTPResponse = 1; # (1) - 0 = do not send HTTP response; 1 = send HTTP response my $sendEmailResponse = 1; # (1) - 0 = do not send email response; 1 = send email response +my $useSmtpAuth = 1; # (1) - 0 = do not include auth credentials when emailing; 1 = include auth credentials when emailing my $extendedLogging = 1; # (1) - 0 = disable extended logging; 1 = enable extended logging my $emailOverride = 0; # (0) - 0 = use email addr from file; 1 = explicitly specify email addr my $testXMLFile = 0; # (0) - 0 = processing real XML file; 1 = processing test XML file # Environmental Variables - these variables may be customized to reflect your environment -my $inputXMLFileDir = "[XML-UPLOAD]"; # full path where the XML files are uploaded -my $processedFileDir = "[PROCESSED-FILES]"; # full path where the XML files are stored after processing -my $httpResponseServer = "[CALLBACK-URL]"; # HTTP server URL for response +my $inputXMLFileDir = "[XML-UPLOAD]"; # folder where the XML files are uploaded +my $processedFileDir = "[PROCESSED-FILES]"; # folder where the XML files are stored after processing +my $httpResponseServer = "[CALLBACK-URL]"; # HTTP server for callback response my $ldapHost = "[LDAP-HOST]"; # host name of the OpenDJ server my $ldapPort = "[LDAP-PORT]"; # port number of the OpenDJ server -my $ldapBindDN = "[BIND-DN]"; # administrative user on the OpenDJ server for managing accounts (i.e. 
cn=XXX Admin) -my $ldapBindPass = "[BIND-PASSWORD]"; # password for the administrative user -my $ldapBaseDN = "[BASEDN]"; # path in LDAP Server directory tree where the users may be found -my $ldapTimeout = "10"; # how long to wait (in seconds) for a connection to the LDAP server before timing out +my $ldapBindDN = "[BIND-DN]"; # replace with the bindDN of a service account or rootDN with permissions +my $ldapBindPass = "[BIND-PASSWORD]"; # replace with password of the OpenDJ service account +my $ldapBaseDN = "[BASEDN]"; # location where the users may be found +my $ldapTimeout = "10"; # how long to wait for a connection to the LDAP server before timing out # Email Variables - these variables are specific to subroutines which generate emails -my $fromAddress = '[EMAIL-SENDER]'; # all email will come from this email address (i.e. bill.nelson@identityfusion.com) -my $fromPerson = '[EMAIL-NAME'; # the name of the person sending the email (i.e. Bill Nelson) -my $emailAddrOverride = '[OVERRIDE-EMAIL]'; # when $emailOverride flag is set, send recipient's email to this addr instead of recipient +my $fromAddress = '[EMAIL-SENDER]'; # all email will come from this email address +my $fromPerson = '[EMAIL-NAME'; # the name of the person sending the email +my $emailAddrOverride = '[OVERRIDE-EMAIL]'; # when $emailOverride flag is set, send recipient's email to this addr my $adminEmail = '[ADMIN-EMAIL]'; # email address of user who is monitoring script results -my $emailServer = "[EMAIL-SERVER]"; # email server (i.e. 
mail.foo.com:10025) my $defaultPassword = "[DEFAULT-PASSWORD]"; # default password for test users +my $smtpServer = '[SMTP-SERVER]'; # replace with your email server +my $smtpPort = 25; # port to connect to on smtp server +my $smtpUser = '[EMAIL-AUTHENTICATION-USER]'; # replace with your email server username +my $smtpPassword = '[EMAIL-AUTHENTICATION-PASSWORD]'; # replace with your email server password +my $smtpSsl = "starttls" # if 'starttls', use STARTTLS; if 'ssl' (or 1), connect securely; otherwise, no security # Script Specific Variables - these are used within the processing of the script @@ -381,7 +392,7 @@ if ($emailOverride == 1) { $adminEmail = $emailAddrOverride; } - sendEmail($emailSubject,$emailBody,$adminEmail,$fromAddress,"Admin"); + sendEmail($emailSubject,$emailBody,$adminEmail,$fromAddress,"Admin", $smtpServer, $smtpPort, $smtpUser, $smtpPassword, $useSmtpAuth, $smtpSsl); # if extended logging is enabled, add additional details to log file if ( $extendedLogging == 1 ) { updateLog("INFO", "\"Administrator notified of run results ($adminEmail)\""); } @@ -733,7 +744,7 @@ sub processAddAction { if ($emailOverride == 1) { $mail = $emailAddrOverride; } - sendEmail($emailSubject,$emailBody,$mail,$fromAddress,"User"); + sendEmail($emailSubject,$emailBody,$mail,$fromAddress,"User", $smtpServer, $smtpPort, $smtpUser, $smtpPassword, $useSmtpAuth, $smtpSsl); # if extended logging is enabled, add additional details to log file if ( $extendedLogging == 1 ) { updateLog("INFO", "\"User notified of new account ($mail)\""); } 
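Review bot: The added line `my $smtpSsl = "starttls"` has no terminating semicolon, so the next statement (outside this hunk) becomes a syntax error and the script will not compile; it should read `my $smtpSsl = "starttls";` before the comment. The block now holds an SMTP password next to the LDAP bind password as literals in the script, so the installed file needs permissions that limit reading to the account that runs it, or the secrets should come from a separate protected file. `$fromPerson` is still declared, but the rewritten sendEmail in the visible hunks no longer uses it, so the sender name is silently dropped from outgoing mail.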
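Review bot: This call passes six SMTP settings positionally, including `$smtpPassword`, although they are file-scope `my` variables that sendEmail can read directly, as the old code did with `$emailServer`. An eleven-argument positional list is easy to misorder, and it copies the password into `@_` at every call site. Keeping the call as `sendEmail($emailSubject,$emailBody,$adminEmail,$fromAddress,"Admin");` and reading the settings inside the sub would avoid both. The same applies to the calls in the hunks at -733, -1265, -1360 (commented out) and -1853.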
@@ -1265,7 +1276,7 @@ sub processResetAction { if ($emailOverride == 1) { $mail = $emailAddrOverride; } - sendEmail($emailSubject,$emailBody,$mail,$fromAddress,"User"); + sendEmail($emailSubject,$emailBody,$mail,$fromAddress,"User", $smtpServer, $smtpPort, $smtpUser, $smtpPassword, $useSmtpAuth, $smtpSsl); # if extended logging is enabled, add additional details to log file if ( $extendedLogging == 1 ) { updateLog("INFO", "\"User notified of password reset ($mail)\""); } @@ -1360,7 +1371,7 @@ sub processPwdChangeAction { # if ($emailOverride == 1) { # $mail = $emailAddrOverride; # } -# sendEmail($emailSubject,$emailBody,$mail,$fromAddress,"User"); +# sendEmail($emailSubject,$emailBody,$mail,$fromAddress,"User", $smtpServer, $smtpPort, $smtpUser, $smtpPassword, $useSmtpAuth, $smtpSsl); # # if extended logging is enabled, add additional details to log file # if ( $extendedLogging == 1 ) { updateLog("INFO", "\"User notified of password reset ($mail)\""); } 
@@ -1553,19 +1564,24 @@ sub processNotifyAction { sub sendEmail { # get parameters - my ($emailSubject,$emailBody,$toAddress,$fromAddress,$emailType) = @_; - - # Open a connection to the email server (Net::SMTP support authentication if necessary) - my $smtp = Net::SMTP->new("$emailServer") or warn "Could not connect to email server!\n"; - - # Start the SMTP session - - # Uncomment and complete the following if authentication is required - # $smtp->auth($smtpuser, $smtppassword); - # $smtp->auth('AKIAJDK3WMPAGGC4ZCHQ', 'AuVbKKTGdJYkq6C+z78iZBSJkkw86PVFft4FHenBcjqC'); - - $smtp->mail( $fromAddress ); # use the MAIL command to provide the sender's email address - $smtp->to( $toAddress ); # use the TO command to provide the recipient's email address + my ($emailSubject,$emailBody,$toAddress,$fromAddress,$emailType, $smtpServer, $smtpPort, $smtpUser, $smtpPassword, $useSmtpAuth, $smtpSsl) = @_; + updateLog("DEBUG", "\nsubject=$_[0], body=$_[1], toAddress=$_[2], fromAddress=$_[3], emailType=$_[4], smtpServer=$_[5], smtpPort=$_[6], smtpUser=$_[7], smtpPassword=$_[8], useSmtpAuth=$_[9], smtpSsl=$_[10]\n"); + + my $email = Email::Stuffer->from($fromAddress)->to($toAddress)->subject($emailSubject)->html_body($emailBody)->email; + + my $transport = ($useSmtpAuth == 1) ? + Email::Sender::Transport::SMTPS->new({ + host => $smtpServer, + port => $smtpPort, + ssl => $smtpSsl, + sasl_username => $smtpUser, + sasl_password => $smtpPassword + }) : + Email::Sender::Transport::SMTPS->new({ + host => $smtpServer, + port => $smtpPort + }); + # Don't include additional recipients on non-admin email (the emailType will be either Admin or User) if ($emailType eq "Admin") { 
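Review bot: The added `updateLog("DEBUG", ...)` line writes `smtpPassword=$_[8]` and the full message body to the log on every send, unless updateLog filters DEBUG entries, which is not visible here; the body of account-creation and password-reset mail presumably carries the user's password, so both secrets would sit in the log file in clear text. Log only non-secret fields, for example `updateLog("DEBUG", "sendEmail: to=$toAddress, type=$emailType, smtpServer=$smtpServer, smtpPort=$smtpPort, smtpSsl=$smtpSsl");`. The transport built when `$useSmtpAuth` is not 1 omits `ssl => $smtpSsl`, so mail is then sent without transport security even when STARTTLS is configured. The removed comment held what looks like a real access key and secret in an `auth()` call; deleting the line leaves them in repository history, so they should be rotated. sendEmail's body continues in the next hunk.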
@@ -1577,35 +1593,18 @@ sub sendEmail { my $emailListRecipient; foreach $emailListRecipient (@emailList) { - $smtp->to( $emailListRecipient ); + $email->to( $emailListRecipient ); # Send message to log file indicating that the file has been moved updateLog("INFO", "\"Including $emailListRecipient on the email distribution list.\""); - } - } + } + } - } - - # Start the DATA for the SMTP session - - $smtp->data(); - $smtp->datasend("MIME-Version: 1.0\n"); - $smtp->datasend("Content-Type: text/html; charset=us-ascii\n"); + } - # Send the header. - $smtp->datasend("From: " . $fromAddress . "($fromPerson)\n"); - $smtp->datasend("To: " . $toAddress . "\n"); - $smtp->datasend("Subject: " . $emailSubject . "\n"); - $smtp->datasend("\n"); - $smtp->datasend("\n"); + sendmail($email, { transport => $transport }); - # Send the body. - $smtp->datasend( $emailBody ); - $smtp->datasend("\n"); - $smtp->dataend(); - $smtp->quit; - -return 1; + return 1; } # end of sendEmail() @@ -1853,7 +1852,7 @@ sub processEarlyExit { if ($emailOverride == 1) { my $toAddress = $emailAddrOverride; } - sendEmail($emailSubject,$htmlFormattedErrorMessage,$toAddress,$fromAddress,"Admin"); + sendEmail($emailSubject,$htmlFormattedErrorMessage,$toAddress,$fromAddress,"Admin", $smtpServer, $smtpPort, $smtpUser, $smtpPassword, $useSmtpAuth, $smtpSsl); } ########## Update Log File ##########
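Review bot: `$email->to( $emailListRecipient )` is called on the object returned by `->email` in the previous hunk, which is the built Email::MIME message rather than the Email::Stuffer builder; Email::MIME has no `to` method as far as I know, so an Admin mail with a non-empty distribution list would die here. Even on the builder, `to` sets the header rather than appending to it, so a per-recipient loop would keep only the last address. Collect the extra addresses and pass the whole list once, e.g. `sendmail($email, { transport => $transport, to => [ $toAddress, @emailList ] });`, and add them to the To header before `->email` if they should be visible to recipients. `sendmail` also throws on failure where the old code only warned on a failed connection, so without an `eval` around it a mail outage aborts the run part-way through processing.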
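Review bot: In the context line `if ($emailOverride == 1) { my $toAddress = $emailAddrOverride; }` the `my` declares a new variable that goes out of scope at the closing brace, so the override never reaches the `sendEmail` call below it. With `$emailOverride` set, early-exit mail therefore still goes to the original address, which defeats the purpose of redirecting mail during testing. Drop the `my` so it reads `$toAddress = $emailAddrOverride;`, assuming `$toAddress` is declared earlier in processEarlyExit, which starts outside this hunk.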