1
0
mirror of https://github.com/hrfee/jfa-go.git synced 2025-01-08 17:30:11 +00:00

Add checkbox that allows invalid SMTP certificates to be used.

This commit is contained in:
Stefan Schokker 2021-11-08 20:48:55 +01:00
parent 0bf8cd65cd
commit 556c31d4ea
3 changed files with 15 additions and 5 deletions

View File

@ -552,6 +552,15 @@
"type": "text", "type": "text",
"value": "", "value": "",
"description": "Use if your SMTP server's SSL Certificate is not trusted by the system." "description": "Use if your SMTP server's SSL Certificate is not trusted by the system."
},
"cert_validation": {
"name": "Verify certificate",
"required": false,
"requires_restart": false,
"advanced": true,
"type": "bool",
"value": true,
"description": "Warning, disabling this makes you much more vulnerable to man-in-the-middle attacks"
} }
} }
}, },

View File

@ -84,7 +84,7 @@ func NewEmailer(app *appContext) *Emailer {
if username == "" && password != "" { if username == "" && password != "" {
username = emailer.fromAddr username = emailer.fromAddr
} }
err := emailer.NewSMTP(app.config.Section("smtp").Key("server").String(), app.config.Section("smtp").Key("port").MustInt(465), username, password, sslTLS, app.config.Section("smtp").Key("ssl_cert").MustString(""), app.config.Section("smtp").Key("hello_hostname").String()) err := emailer.NewSMTP(app.config.Section("smtp").Key("server").String(), app.config.Section("smtp").Key("port").MustInt(465), username, password, sslTLS, app.config.Section("smtp").Key("ssl_cert").MustString(""), app.config.Section("smtp").Key("hello_hostname").String(), app.config.Section("smtp").Key("cert-validation").MustBool(true))
if err != nil { if err != nil {
app.err.Printf("Error while initiating SMTP mailer: %v", err) app.err.Printf("Error while initiating SMTP mailer: %v", err)
} }
@ -110,7 +110,7 @@ type SMTP struct {
} }
// NewSMTP returns an SMTP emailClient. // NewSMTP returns an SMTP emailClient.
func (emailer *Emailer) NewSMTP(server string, port int, username, password string, sslTLS bool, certPath string, helloHostname string) (err error) { func (emailer *Emailer) NewSMTP(server string, port int, username, password string, sslTLS bool, certPath string, helloHostname string, validateCertificate bool) (err error) {
sender := &SMTP{} sender := &SMTP{}
sender.Client = sMail.NewSMTPClient() sender.Client = sMail.NewSMTPClient()
if sslTLS { if sslTLS {
@ -131,7 +131,7 @@ func (emailer *Emailer) NewSMTP(server string, port int, username, password stri
// x509.SystemCertPool is unavailable on windows // x509.SystemCertPool is unavailable on windows
if PLATFORM == "windows" { if PLATFORM == "windows" {
sender.Client.TLSConfig = &tls.Config{ sender.Client.TLSConfig = &tls.Config{
InsecureSkipVerify: false, InsecureSkipVerify: validateCertificate,
ServerName: server, ServerName: server,
} }
emailer.sender = sender emailer.sender = sender
@ -149,7 +149,7 @@ func (emailer *Emailer) NewSMTP(server string, port int, username, password stri
} }
} }
sender.Client.TLSConfig = &tls.Config{ sender.Client.TLSConfig = &tls.Config{
InsecureSkipVerify: false, InsecureSkipVerify: validateCertificate,
ServerName: server, ServerName: server,
RootCAs: rootCAs, RootCAs: rootCAs,
} }

View File

@ -296,7 +296,8 @@ const settings = {
"encryption": new Select(get("smtp-encryption")), "encryption": new Select(get("smtp-encryption")),
"server": new Input(get("smtp-server")), "server": new Input(get("smtp-server")),
"port": new Input(get("smtp-port")), "port": new Input(get("smtp-port")),
"password": new Input(get("smtp-password")) "password": new Input(get("smtp-password")),
"cert-validation": new Input(get("smtp-cert-validation"))
}, },
"ombi": { "ombi": {
"enabled": new Checkbox(get("ombi-enabled"), "", false, "ombi", "enabled"), "enabled": new Checkbox(get("ombi-enabled"), "", false, "ombi", "enabled"),