Mirrors/go-chasquid-smtp
1
0
Fork 0
mirror of https://blitiri.com.ar/repos/chasquid synced 2026-01-09 17:55:57 +00:00
Code Releases Activity

smtpsrv: Fail to listen if there are no certificates configured

Browse Source 
The server is written assuming there's at least one valid SSL/TLS
certificate. For example, it unconditionally advertises STARTTLS, and
only supports AUTH over TLS.

This patch makes the server fail to listen if there are no certificates
configured, so the users don't accidentally run an unsupported
configuration.
This commit is contained in:
Alberto Bertogli
2016-11-24 10:09:11 +00:00
parent de09923933
commit 75cc038e68
2 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
internal/smtpsrv/server.go
View File

@@ -155,6 +155,15 @@ func (s *Server) periodicallyReload() {
}
func (s *Server) ListenAndServe() {
if len(s.tlsConfig.Certificates) == 0 {
// chasquid assumes there's at least one valid certificate (for things
// like STARTTLS, user authentication, etc.), so we fail if none was
// found.
log.Errorf("No SSL/TLS certificates found")
log.Errorf("Ideally there should be a certificate for each MX you act as")
log.Fatalf("At least one valid certificate is needed")
}
// At this point the TLS config should be done, build the
// name->certificate map (used by the TLS library for SNI).
s.tlsConfig.BuildNameToCertificate()