From: Robert Sesek
Date: Sun, 18 Dec 2016 00:47:32 +0000 (-0500)
Subject: Support TLS in POP3.
X-Git-Tag: v1.0.0~9
X-Git-Url: https://src.bluestatic.org/?a=commitdiff_plain;h=6f6e21064d61dc9361dff1a6a9f0d6a050e79d71;p=mailpopbox.git

Support TLS in POP3.
---
diff --git a/config.go b/config.go
index a66c370..a825cd2 100644
--- a/config.go
+++ b/config.go
@@ -1,5 +1,9 @@
 package main
 
+import (
+ "crypto/tls"
+)
+
 type Config struct {
 SMTPPort int
 POP3Port int
@@ -26,3 +30,28 @@ type Server struct {
 // Blacklisted addresses that should not accept mail.
 BlacklistedAddresses []string
 }
+
+func (c Config) GetTLSConfig() (*tls.Config, error) {
+ certs := make([]tls.Certificate, 0, len(c.Servers))
+ for _, server := range c.Servers {
+ if server.TLSCertPath == "" {
+ continue
+ }
+
+ cert, err := tls.LoadX509KeyPair(server.TLSCertPath, server.TLSKeyPath)
+ if err != nil {
+ return nil, err
+ }
+ certs = append(certs, cert)
+ }
+
+ if len(certs) == 0 {
+ return nil, nil
+ }
+
+ config := &tls.Config{
+ Certificates: certs,
+ }
+ config.BuildNameToCertificate()
+ return config, nil
+}
diff --git a/pop3.go b/pop3.go
index 6d8dfd2..0e21ec1 100644
--- a/pop3.go
+++ b/pop3.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+ "crypto/tls"
 "errors"
 "fmt"
 "io"
@@ -33,7 +34,20 @@ func (server *pop3Server) run() {
 }
 }
 
- l, err := net.Listen("tcp", fmt.Sprintf(":%d", server.config.POP3Port))
+ tlsConfig, err := server.config.GetTLSConfig()
+ if err != nil {
+ server.rc <- err
+ return
+ }
+
+ addr := fmt.Sprintf(":%d", server.config.POP3Port)
+
+ var l net.Listener
+ if tlsConfig == nil {
+ l, err = net.Listen("tcp", addr)
+ } else {
+ l, err = tls.Listen("tcp", addr, tlsConfig)
+ }
 if err != nil {
 server.rc <- err
 return
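Review bot: The `tls.Config` literal in `GetTLSConfig` sets only `Certificates`, so the minimum protocol version is whatever the Go toolchain defaults to, which on older releases includes TLS 1.0. Pin it explicitly by adding `MinVersion: tls.VersionTLS12,` next to `Certificates: certs,`. The method also skips servers with an empty `TLSCertPath` and returns `nil, nil` when none has one, and that contract deserves a doc comment such as `// GetTLSConfig returns nil, nil when no server configures a certificate; the caller then listens without TLS.` A server entry with a cert path but an empty `TLSKeyPath` surfaces only as the bare `tls.LoadX509KeyPair` error, which may not make clear which entry is misconfigured.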
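Review bot: When `GetTLSConfig` returns a nil config, the `tlsConfig == nil` branch in `run` falls back to `net.Listen` with no signal, so an omitted `TLSCertPath` leaves POP3 logins crossing the network in cleartext on the same port. Make the downgrade visible at the branch, at minimum with a comment like `// No TLS certificates configured: serving plaintext POP3 (credentials unencrypted).` and a startup log line, or send an error on `server.rc` if plaintext is not meant to be supported. In a mixed configuration (some servers with certificates, some without) the listener is TLS for every domain, so clients of the certificate-less domains will presumably be offered a certificate issued for another name. `run` begins and ends outside this hunk.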