1
0
mirror of https://github.com/hrfee/jfa-go.git synced 2024-12-22 09:00:10 +00:00

Add checkbox that allows invalid SMTP certificates to be used.

This commit is contained in:
Stefan Schokker 2021-11-08 20:48:55 +01:00
parent 0bf8cd65cd
commit 556c31d4ea
3 changed files with 15 additions and 5 deletions

View File

@ -552,6 +552,15 @@
"type": "text",
"value": "",
"description": "Use if your SMTP server's SSL Certificate is not trusted by the system."
},
"cert_validation": {
"name": "Verify certificate",
"required": false,
"requires_restart": false,
"advanced": true,
"type": "bool",
"value": true,
"description": "Warning, disabling this makes you much more vulnerable to man-in-the-middle attacks"
}
}
},

View File

@ -84,7 +84,7 @@ func NewEmailer(app *appContext) *Emailer {
if username == "" && password != "" {
username = emailer.fromAddr
}
err := emailer.NewSMTP(app.config.Section("smtp").Key("server").String(), app.config.Section("smtp").Key("port").MustInt(465), username, password, sslTLS, app.config.Section("smtp").Key("ssl_cert").MustString(""), app.config.Section("smtp").Key("hello_hostname").String())
err := emailer.NewSMTP(app.config.Section("smtp").Key("server").String(), app.config.Section("smtp").Key("port").MustInt(465), username, password, sslTLS, app.config.Section("smtp").Key("ssl_cert").MustString(""), app.config.Section("smtp").Key("hello_hostname").String(), app.config.Section("smtp").Key("cert-validation").MustBool(true))
if err != nil {
app.err.Printf("Error while initiating SMTP mailer: %v", err)
}
@ -110,7 +110,7 @@ type SMTP struct {
}
// NewSMTP returns an SMTP emailClient.
func (emailer *Emailer) NewSMTP(server string, port int, username, password string, sslTLS bool, certPath string, helloHostname string) (err error) {
func (emailer *Emailer) NewSMTP(server string, port int, username, password string, sslTLS bool, certPath string, helloHostname string, validateCertificate bool) (err error) {
sender := &SMTP{}
sender.Client = sMail.NewSMTPClient()
if sslTLS {
@ -131,7 +131,7 @@ func (emailer *Emailer) NewSMTP(server string, port int, username, password stri
// x509.SystemCertPool is unavailable on windows
if PLATFORM == "windows" {
sender.Client.TLSConfig = &tls.Config{
InsecureSkipVerify: false,
InsecureSkipVerify: validateCertificate,
ServerName: server,
}
emailer.sender = sender
@ -149,7 +149,7 @@ func (emailer *Emailer) NewSMTP(server string, port int, username, password stri
}
}
sender.Client.TLSConfig = &tls.Config{
InsecureSkipVerify: false,
InsecureSkipVerify: validateCertificate,
ServerName: server,
RootCAs: rootCAs,
}

View File

@ -296,7 +296,8 @@ const settings = {
"encryption": new Select(get("smtp-encryption")),
"server": new Input(get("smtp-server")),
"port": new Input(get("smtp-port")),
"password": new Input(get("smtp-password"))
"password": new Input(get("smtp-password")),
"cert-validation": new Input(get("smtp-cert-validation"))
},
"ombi": {
"enabled": new Checkbox(get("ombi-enabled"), "", false, "ombi", "enabled"),