New feature: SMTP connection may use client certificate.

New config keys in [mailer] section: - CERT_FILE: path to a certificate file. - KEY_FILE: path to a key file.
10 years ago · 8a6c86644e
2 changed files with 14 additions and 5 deletions
--- a/modules/mailer/mailer.go
+++ b/modules/mailer/mailer.go
@ -72,9 +72,15 @@ func sendMail(settings *setting.Mailer, recipients []string, msgContent []byte)
 		return err
 	}

+	cert, err := tls.LoadX509KeyPair(settings.CertFile, settings.KeyFile)
+	if err != nil {
+		return err
+	}
+
 	tlsconfig := &tls.Config{
 		InsecureSkipVerify: settings.SkipVerify,
 		ServerName:         host,
+		Certificates:       []tls.Certificate{cert},
 	}

 	conn, err := net.Dial("tcp", net.JoinHostPort(host, port))
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@ -446,11 +446,12 @@ func newSessionService() {

 // Mailer represents mail service.
 type Mailer struct {
-	Name         string
-	Host         string
-	From         string
-	User, Passwd string
-	SkipVerify   bool
+	Name              string
+	Host              string
+	From              string
+	User, Passwd      string
+	SkipVerify        bool
+	CertFile, KeyFile string
 }

 type OauthInfo struct {
@ -483,6 +484,8 @@ func newMailService() {
 		User:       sec.Key("USER").String(),
 		Passwd:     sec.Key("PASSWD").String(),
 		SkipVerify: sec.Key("SKIP_VERIFY").MustBool(),
+		CertFile:   sec.Key("CERT_FILE").String(),
+		KeyFile:    sec.Key("KEY_FILE").String(),
 	}
 	MailService.From = sec.Key("FROM").MustString(MailService.User)
 	log.Info("Mail Service Enabled")