Merge pull request #943 from diseaz/mailer-client-cert

Use client certificate for SMTP over TLS
9 years ago · 3db80f2c55
parent a6a2f59d1d 2692d4aa49
commit 3db80f2c55
3 changed files with 27 additions and 10 deletions
--- a/conf/app.ini
+++ b/conf/app.ini
@ -105,6 +105,10 @@ SUBJECT = %(APP_NAME)s
 HOST =
 ; Do not verify the certificate of the server. Only use this for self-signed certificates
 SKIP_VERIFY = 
+; Use client certificate
+USE_CERTIFICATE = false
+CERT_FILE = custom/mailer/cert.pem
+KEY_FILE = custom/mailer/key.pem
 ; Mail from address, RFC 5322. This can be just an email address, or the "Name" <email@example.com> format 
 FROM =
 ; Mailer user name and password
--- a/modules/mailer/mailer.go
+++ b/modules/mailer/mailer.go
@ -78,6 +78,14 @@ func sendMail(settings *setting.Mailer, recipients []string, msgContent []byte)
 		ServerName:         host,
 	}

+	if settings.UseCertificate {
+		cert, err := tls.LoadX509KeyPair(settings.CertFile, settings.KeyFile)
+		if err != nil {
+			return err
+		}
+		tlsconfig.Certificates = []tls.Certificate{cert}
+	}
+
 	conn, err := net.Dial("tcp", net.JoinHostPort(host, port))
 	if err != nil {
 		return err
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@ -451,11 +451,13 @@ func newSessionService() {

 // Mailer represents mail service.
 type Mailer struct {
-	Name         string
-	Host         string
-	From         string
-	User, Passwd string
-	SkipVerify   bool
+	Name              string
+	Host              string
+	From              string
+	User, Passwd      string
+	SkipVerify        bool
+	UseCertificate    bool
+	CertFile, KeyFile string
 }

 type OauthInfo struct {
@ -483,11 +485,14 @@ func newMailService() {
 	}

 	MailService = &Mailer{
-		Name:       sec.Key("NAME").MustString(AppName),
-		Host:       sec.Key("HOST").String(),
-		User:       sec.Key("USER").String(),
-		Passwd:     sec.Key("PASSWD").String(),
-		SkipVerify: sec.Key("SKIP_VERIFY").MustBool(),
+		Name:           sec.Key("NAME").MustString(AppName),
+		Host:           sec.Key("HOST").String(),
+		User:           sec.Key("USER").String(),
+		Passwd:         sec.Key("PASSWD").String(),
+		SkipVerify:     sec.Key("SKIP_VERIFY").MustBool(),
+		UseCertificate: sec.Key("USE_CERTIFICATE").MustBool(),
+		CertFile:       sec.Key("CERT_FILE").String(),
+		KeyFile:        sec.Key("KEY_FILE").String(),
 	}
 	MailService.From = sec.Key("FROM").MustString(MailService.User)
 	log.Info("Mail Service Enabled")