diff --git a/conf/app.ini b/conf/app.ini index 2019557bd46a..ad38c42e7176 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -105,6 +105,10 @@ SUBJECT = %(APP_NAME)s HOST = ; Do not verify the certificate of the server. Only use this for self-signed certificates SKIP_VERIFY = +; Use client certificate +USE_CERTIFICATE = false +CERT_FILE = custom/mailer/cert.pem +KEY_FILE = custom/mailer/key.pem ; Mail from address, RFC 5322. This can be just an email address, or the "Name" format FROM = ; Mailer user name and password diff --git a/modules/mailer/mailer.go b/modules/mailer/mailer.go index fc6ec2fa867e..74a3fca5780d 100644 --- a/modules/mailer/mailer.go +++ b/modules/mailer/mailer.go @@ -78,6 +78,14 @@ func sendMail(settings *setting.Mailer, recipients []string, msgContent []byte) ServerName: host, } + if settings.UseCertificate { + cert, err := tls.LoadX509KeyPair(settings.CertFile, settings.KeyFile) + if err != nil { + return err + } + tlsconfig.Certificates = []tls.Certificate{cert} + } + conn, err := net.Dial("tcp", net.JoinHostPort(host, port)) if err != nil { return err diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 6db43b16b3d6..fd07c17f2399 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -451,11 +451,13 @@ func newSessionService() { // Mailer represents mail service. type Mailer struct { - Name string - Host string - From string - User, Passwd string - SkipVerify bool + Name string + Host string + From string + User, Passwd string + SkipVerify bool + UseCertificate bool + CertFile, KeyFile string } type OauthInfo struct { @@ -483,11 +485,14 @@ func newMailService() { } MailService = &Mailer{ - Name: sec.Key("NAME").MustString(AppName), - Host: sec.Key("HOST").String(), - User: sec.Key("USER").String(), - Passwd: sec.Key("PASSWD").String(), - SkipVerify: sec.Key("SKIP_VERIFY").MustBool(), + Name: sec.Key("NAME").MustString(AppName), + Host: sec.Key("HOST").String(), + User: sec.Key("USER").String(), + Passwd: sec.Key("PASSWD").String(), + SkipVerify: sec.Key("SKIP_VERIFY").MustBool(), + UseCertificate: sec.Key("USE_CERTIFICATE").MustBool(), + CertFile: sec.Key("CERT_FILE").String(), + KeyFile: sec.Key("KEY_FILE").String(), } MailService.From = sec.Key("FROM").MustString(MailService.User) log.Info("Mail Service Enabled")