Add SMTP_TSL_INSECURE and SMTP_TSL_SERVER_NAME for better SMTP TSL control

2020-09-02 13:09:41 +02:00 · 2020-09-02 13:09:41 +02:00 · e1cf327227
commit e1cf327227
parent a0036bdecf
3 changed files with 43 additions and 4 deletions
--- a/app/boot_levels.go
+++ b/app/boot_levels.go
@ -2,6 +2,7 @@ package app

 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	cmpService "github.com/cortezaproject/corteza-server/compose/service"
@ -28,6 +29,7 @@ import (
 	sysService "github.com/cortezaproject/corteza-server/system/service"
 	sysEvent "github.com/cortezaproject/corteza-server/system/service/event"
 	"go.uber.org/zap"
+	gomail "gopkg.in/mail.v2"
 	"time"
 )

@ -70,7 +72,29 @@ func (app *CortezaApp) Setup() (err error) {
 	defer sentry.Recover()

 	auth.SetupDefault(app.Opt.Auth.Secret, int(app.Opt.Auth.Expiry/time.Minute))
-	mail.SetupDialer(app.Opt.SMTP.Host, app.Opt.SMTP.Port, app.Opt.SMTP.User, app.Opt.SMTP.Pass, app.Opt.SMTP.From)
+
+	mail.SetupDialer(
+		app.Opt.SMTP.Host,
+		app.Opt.SMTP.Port,
+		app.Opt.SMTP.User,
+		app.Opt.SMTP.Pass,
+		app.Opt.SMTP.From,
+
+		// Apply TLS configuration
+		func(d *gomail.Dialer) {
+			if d.TLSConfig == nil {
+				d.TLSConfig = &tls.Config{ServerName: d.Host}
+			}
+
+			if app.Opt.SMTP.TlsInsecure {
+				d.TLSConfig.InsecureSkipVerify = true
+			}
+
+			if app.Opt.SMTP.TlsServerName != "" {
+				d.TLSConfig.ServerName = app.Opt.SMTP.TlsServerName
+			}
+		},
+	)

 	http.SetupDefaults(
 		app.Opt.HTTPClient.HttpClientTimeout,
--- a/pkg/mail/mail.go
+++ b/pkg/mail/mail.go
@ -13,6 +13,8 @@ type (
 	Dialer interface {
 		DialAndSend(...*gomail.Message) error
 	}
+
+	applyCfg func(*gomail.Dialer)
 )

 const (
@ -33,7 +35,7 @@ func init() {
 // SetupDialer setups SMTP dialer
 //
 // Host variable can contain "<host>:<port>" that will override port value
-func SetupDialer(host string, port int, user, pass, from string) {
+func SetupDialer(host string, port int, user, pass, from string, ff ...applyCfg) {
 	if host == "" {
 		defaultDialerError = errors.New("No hostname provided for SMTP")
 		return
@ -59,12 +61,19 @@ func SetupDialer(host string, port int, user, pass, from string) {
 	}

 	defaultFrom = from
-	defaultDialer = gomail.NewDialer(
+	dialer := gomail.NewDialer(
 		host,
 		port,
 		user,
 		pass,
 	)
+
+	dialer.SSL = true
+	for _, fn := range ff {
+		fn(dialer)
+	}
+
+	defaultDialer = dialer
 }

 func New() *gomail.Message {
--- a/pkg/options/smtp.go
+++ b/pkg/options/smtp.go
@ -7,16 +7,22 @@ type (
 		User string `env:"SMTP_USER"`
 		Pass string `env:"SMTP_PASS"`
 		From string `env:"SMTP_FROM"`
+
+		TlsInsecure   bool   `env:"SMTP_TSL_INSECURE"`
+		TlsServerName string `env:"SMTP_TSL_SERVER_NAME"`
 	}
 )

 func SMTP(pfix string) (o *SMTPOpt) {
 	o = &SMTPOpt{
-		Host: "localhost:25",
+		Host: "localhost",
 		Port: 25,
 		User: "",
 		Pass: "",
 		From: "",
+
+		TlsInsecure:   false,
+		TlsServerName: "",
 	}

 	fill(o)