From 8d07e05e104d76d0a931673b2334592161650d72 Mon Sep 17 00:00:00 2001
From: Ylian Saint-Hilaire <ysainthilaire@hotmail.com>
Date: Mon, 26 Aug 2019 15:51:50 -0700
Subject: [PATCH] Changed SMTP TLS security options.

---
 meshmail.js  | 3 ++-
 package.json | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/meshmail.js b/meshmail.js
index d4580663..30ea2a7a 100644
--- a/meshmail.js
+++ b/meshmail.js
@@ -25,13 +25,14 @@ module.exports.CreateMeshMail = function (parent) {
     obj.sendingMail = false;
     obj.mailCookieEncryptionKey = null;
     obj.mailTemplates = {};
+    const constants = (obj.parent.crypto.constants ? obj.parent.crypto.constants : require('constants')); // require('constants') is deprecated in Node 11.10, use require('crypto').constants instead.
     const nodemailer = require('nodemailer');
 
     function EscapeHtml(x) { if (typeof x == "string") return x.replace(/&/g, '&amp;').replace(/>/g, '&gt;').replace(/</g, '&lt;').replace(/"/g, '&quot;').replace(/'/g, '&apos;'); if (typeof x == "boolean") return x; if (typeof x == "number") return x; }
     //function EscapeHtmlBreaks(x) { if (typeof x == "string") return x.replace(/&/g, '&amp;').replace(/>/g, '&gt;').replace(/</g, '&lt;').replace(/"/g, '&quot;').replace(/'/g, '&apos;').replace(/\r/g, '<br />').replace(/\n/g, '').replace(/\t/g, '&nbsp;&nbsp;'); if (typeof x == "boolean") return x; if (typeof x == "number") return x; }
 
     // Setup mail server
-    var options = { host: parent.config.smtp.host, secure: (parent.config.smtp.tls == true), tls: { rejectUnauthorized: false } };
+    var options = { host: parent.config.smtp.host, secure: (parent.config.smtp.tls == true), tls: { secureProtocol: 'SSLv23_method', ciphers: 'RSA+AES:!aNULL:!MD5:!DSS', secureOptions: constants.SSL_OP_NO_SSLv2 | constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_COMPRESSION | constants.SSL_OP_CIPHER_SERVER_PREFERENCE, rejectUnauthorized: false } };
     if (parent.config.smtp.port != null) { options.port = parent.config.smtp.port; }
     if ((parent.config.smtp.user != null) && (parent.config.smtp.pass != null)) { options.auth = { user: parent.config.smtp.user, pass: parent.config.smtp.pass }; }
     obj.smtpServer = nodemailer.createTransport(options);
diff --git a/package.json b/package.json
index 3c265e8c..551c0cf6 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "meshcentral",
-  "version": "0.4.0-i",
+  "version": "0.4.0-j",
   "keywords": [
     "Remote Management",
     "Intel AMT",