#120: Add support for StartTLS protocol

* add starttls * remove starttls from default config Co-authored-by: Gopher Johns <gopher.johns28@gmail.com>
2021-06-05 21:47:11 +02:00
parent 81aeb7a48e
commit 2131fa4412
3 changed files with 101 additions and 2 deletions
--- a/client/client.go
+++ b/client/client.go
@ -2,10 +2,14 @@ package client

 import (
 	"crypto/tls"
+	"crypto/x509"
+	"fmt"
 	"net"
 	"net/http"
+	"net/smtp"
 	"os"
 	"strconv"
+	"strings"
 	"time"

 	"github.com/go-ping/ping"
@ -74,6 +78,36 @@ func CanCreateTCPConnection(address string) bool {
 	return true
 }

+func CanPerformStartTls(address string, insecure bool) (connected bool, certificate *x509.Certificate, err error) {
+	tokens := strings.Split(address, ":")
+	if len(tokens) != 2 {
+		err = fmt.Errorf("invalid address for starttls, must HOST:PORT")
+		return
+	}
+	tlsconfig := &tls.Config{
+		InsecureSkipVerify: insecure,
+		ServerName:         tokens[0],
+	}
+
+	c, err := smtp.Dial(address)
+	if err != nil {
+		return
+	}
+
+	err = c.StartTLS(tlsconfig)
+	if err != nil {
+		return
+	}
+	if state, ok := c.TLSConnectionState(); ok {
+		certificate = state.PeerCertificates[0]
+	} else {
+		err = fmt.Errorf("could not get TLS connection state")
+		return
+	}
+	connected = true
+	return
+}
+
 // Ping checks if an address can be pinged and returns the round-trip time if the address can be pinged
 //
 // Note that this function takes at least 100ms, even if the address is 127.0.0.1