mirror of
https://github.com/hrfee/jfa-go.git
synced 2024-12-23 01:20:11 +00:00
add option to trust specific cert for SMTP
This commit is contained in:
parent
5892899114
commit
43e5bbbe21
@ -673,6 +673,14 @@
|
|||||||
"requires_restart": false,
|
"requires_restart": false,
|
||||||
"type": "password",
|
"type": "password",
|
||||||
"value": "smtp password"
|
"value": "smtp password"
|
||||||
|
},
|
||||||
|
"ssl_cert": {
|
||||||
|
"name": "Path to custom SSL certificate",
|
||||||
|
"required": false,
|
||||||
|
"requires_restart": false,
|
||||||
|
"type": "text",
|
||||||
|
"value": "",
|
||||||
|
"description": "Use if your SMTP server's SSL Certificate is not trusted by the system."
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
44
email.go
44
email.go
@ -4,10 +4,13 @@ import (
|
|||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
|
"crypto/x509"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"html/template"
|
"html/template"
|
||||||
"io"
|
"io"
|
||||||
"net/smtp"
|
"net/smtp"
|
||||||
|
"os"
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
textTemplate "text/template"
|
textTemplate "text/template"
|
||||||
@ -49,18 +52,15 @@ func (mg *Mailgun) send(fromName, fromAddr string, email *Email, address ...stri
|
|||||||
|
|
||||||
// SMTP supports SSL/TLS and STARTTLS; implements emailClient.
|
// SMTP supports SSL/TLS and STARTTLS; implements emailClient.
|
||||||
type SMTP struct {
|
type SMTP struct {
|
||||||
sslTLS bool
|
sslTLS bool
|
||||||
server string
|
server string
|
||||||
port int
|
port int
|
||||||
auth smtp.Auth
|
auth smtp.Auth
|
||||||
|
tlsConfig *tls.Config
|
||||||
}
|
}
|
||||||
|
|
||||||
func (sm *SMTP) send(fromName, fromAddr string, email *Email, address ...string) error {
|
func (sm *SMTP) send(fromName, fromAddr string, email *Email, address ...string) error {
|
||||||
server := fmt.Sprintf("%s:%d", sm.server, sm.port)
|
server := fmt.Sprintf("%s:%d", sm.server, sm.port)
|
||||||
tlsConfig := &tls.Config{
|
|
||||||
InsecureSkipVerify: false,
|
|
||||||
ServerName: sm.server,
|
|
||||||
}
|
|
||||||
from := fmt.Sprintf("%s <%s>", fromName, fromAddr)
|
from := fmt.Sprintf("%s <%s>", fromName, fromAddr)
|
||||||
var wg sync.WaitGroup
|
var wg sync.WaitGroup
|
||||||
var err error
|
var err error
|
||||||
@ -75,9 +75,9 @@ func (sm *SMTP) send(fromName, fromAddr string, email *Email, address ...string)
|
|||||||
e.HTML = []byte(email.HTML)
|
e.HTML = []byte(email.HTML)
|
||||||
e.To = []string{addr}
|
e.To = []string{addr}
|
||||||
if sm.sslTLS {
|
if sm.sslTLS {
|
||||||
err = e.SendWithTLS(server, sm.auth, tlsConfig)
|
err = e.SendWithTLS(server, sm.auth, sm.tlsConfig)
|
||||||
} else {
|
} else {
|
||||||
err = e.SendWithStartTLS(server, sm.auth, tlsConfig)
|
err = e.SendWithStartTLS(server, sm.auth, sm.tlsConfig)
|
||||||
}
|
}
|
||||||
}(addr)
|
}(addr)
|
||||||
}
|
}
|
||||||
@ -139,7 +139,10 @@ func NewEmailer(app *appContext) *Emailer {
|
|||||||
} else {
|
} else {
|
||||||
username = emailer.fromAddr
|
username = emailer.fromAddr
|
||||||
}
|
}
|
||||||
emailer.NewSMTP(app.config.Section("smtp").Key("server").String(), app.config.Section("smtp").Key("port").MustInt(465), username, app.config.Section("smtp").Key("password").String(), sslTls)
|
err := emailer.NewSMTP(app.config.Section("smtp").Key("server").String(), app.config.Section("smtp").Key("port").MustInt(465), username, app.config.Section("smtp").Key("password").String(), sslTls, app.config.Section("smtp").Key("ssl_cert").MustString(""))
|
||||||
|
if err != nil {
|
||||||
|
app.err.Printf("Error while initiating SMTP mailer: %v", err)
|
||||||
|
}
|
||||||
} else if method == "mailgun" {
|
} else if method == "mailgun" {
|
||||||
emailer.NewMailgun(app.config.Section("mailgun").Key("api_url").String(), app.config.Section("mailgun").Key("api_key").String())
|
emailer.NewMailgun(app.config.Section("mailgun").Key("api_url").String(), app.config.Section("mailgun").Key("api_key").String())
|
||||||
}
|
}
|
||||||
@ -161,13 +164,30 @@ func (emailer *Emailer) NewMailgun(url, key string) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// NewSMTP returns an SMTP emailClient.
|
// NewSMTP returns an SMTP emailClient.
|
||||||
func (emailer *Emailer) NewSMTP(server string, port int, username, password string, sslTLS bool) {
|
func (emailer *Emailer) NewSMTP(server string, port int, username, password string, sslTLS bool, certPath string) (err error) {
|
||||||
|
rootCAs, err := x509.SystemCertPool()
|
||||||
|
if rootCAs == nil || err != nil {
|
||||||
|
rootCAs = x509.NewCertPool()
|
||||||
|
}
|
||||||
|
if certPath != "" {
|
||||||
|
var cert []byte
|
||||||
|
cert, err = os.ReadFile(certPath)
|
||||||
|
if rootCAs.AppendCertsFromPEM(cert) == false {
|
||||||
|
err = errors.New("Failed to append cert to pool")
|
||||||
|
}
|
||||||
|
}
|
||||||
emailer.sender = &SMTP{
|
emailer.sender = &SMTP{
|
||||||
auth: smtp.PlainAuth("", username, password, server),
|
auth: smtp.PlainAuth("", username, password, server),
|
||||||
server: server,
|
server: server,
|
||||||
port: port,
|
port: port,
|
||||||
sslTLS: sslTLS,
|
sslTLS: sslTLS,
|
||||||
|
tlsConfig: &tls.Config{
|
||||||
|
InsecureSkipVerify: false,
|
||||||
|
ServerName: server,
|
||||||
|
RootCAs: rootCAs,
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
type templ interface {
|
type templ interface {
|
||||||
|
Loading…
Reference in New Issue
Block a user