From 6f6e21064d61dc9361dff1a6a9f0d6a050e79d71 Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Sat, 17 Dec 2016 19:47:32 -0500 Subject: [PATCH] Support TLS in POP3. --- config.go | 29 +++++++++++++++++++++++++++++ pop3.go | 16 +++++++++++++++- 2 files changed, 44 insertions(+), 1 deletion(-) diff --git a/config.go b/config.go index a66c370..a825cd2 100644 --- a/config.go +++ b/config.go @@ -1,5 +1,9 @@ package main +import ( + "crypto/tls" +) + type Config struct { SMTPPort int POP3Port int @@ -26,3 +30,28 @@ type Server struct { // Blacklisted addresses that should not accept mail. BlacklistedAddresses []string } + +func (c Config) GetTLSConfig() (*tls.Config, error) { + certs := make([]tls.Certificate, 0, len(c.Servers)) + for _, server := range c.Servers { + if server.TLSCertPath == "" { + continue + } + + cert, err := tls.LoadX509KeyPair(server.TLSCertPath, server.TLSKeyPath) + if err != nil { + return nil, err + } + certs = append(certs, cert) + } + + if len(certs) == 0 { + return nil, nil + } + + config := &tls.Config{ + Certificates: certs, + } + config.BuildNameToCertificate() + return config, nil +} diff --git a/pop3.go b/pop3.go index 6d8dfd2..0e21ec1 100644 --- a/pop3.go +++ b/pop3.go @@ -1,6 +1,7 @@ package main import ( + "crypto/tls" "errors" "fmt" "io" @@ -33,7 +34,20 @@ func (server *pop3Server) run() { } } - l, err := net.Listen("tcp", fmt.Sprintf(":%d", server.config.POP3Port)) + tlsConfig, err := server.config.GetTLSConfig() + if err != nil { + server.rc <- err + return + } + + addr := fmt.Sprintf(":%d", server.config.POP3Port) + + var l net.Listener + if tlsConfig == nil { + l, err = net.Listen("tcp", addr) + } else { + l, err = tls.Listen("tcp", addr, tlsConfig) + } if err != nil { server.rc <- err return -- 2.43.5