From 65e80640d51a5337fc5f9bf028c5439f4b40cf63 Mon Sep 17 00:00:00 2001
From: Josef Rokos <pepa@bukova.info>
Date: Fri, 16 Feb 2024 12:13:50 +0100
Subject: [PATCH] Added setting for accept invalid certificate on SMTP server.

---
 config_sample.toml  |  1 +
 src/backend/mail.rs | 31 ++++++++++++++++++++++++++++---
 src/config.rs       |  6 +++++-
 3 files changed, 34 insertions(+), 4 deletions(-)

diff --git a/config_sample.toml b/config_sample.toml
index 4a6e694..4c6a684 100644
--- a/config_sample.toml
+++ b/config_sample.toml
@@ -21,3 +21,4 @@ path = "Maildir"
 #user = "user"
 #password = "password"
 #tls = true
+#accept_all_certs = true
diff --git a/src/backend/mail.rs b/src/backend/mail.rs
index 9e98832..296a51e 100644
--- a/src/backend/mail.rs
+++ b/src/backend/mail.rs
@@ -15,6 +15,7 @@ cfg_if! { if #[cfg(feature = "ssr")] {
     use crate::backend::data::ResSumWithItems;
     use lettre::message::Message as LettreMessage;
     use lettre::{AsyncSmtpTransport, AsyncFileTransport, AsyncTransport, Tokio1Executor};
+    use lettre::transport::smtp::client::{Tls, TlsParameters};
     use lettre::transport::smtp::authentication::Credentials;
     use std::ops::Add;
 
@@ -102,11 +103,35 @@ cfg_if! { if #[cfg(feature = "ssr")] {
         pub async fn send_mail(&self, msg: MailMessage) -> Result<(), AppError> {
             match self.transport() {
                 MailTransport::Smtp => {
+                    let tls = if let Some(t) = self.accept_all_certs() {
+                        if t {
+                            let tls = TlsParameters::builder(self.server().clone().unwrap_or_default())
+                            .dangerous_accept_invalid_certs(true)
+                            .dangerous_accept_invalid_hostnames(true);
+                        Some(tls.build().expect("Cannot build TLS params"))
+                        } else {
+                            None
+                        }
+                    } else {
+                        None
+                    };
                     let transport = if self.tls().unwrap_or(false) {
-                        AsyncSmtpTransport::<Tokio1Executor>::starttls_relay(&self.server().clone().unwrap_or_default())
+                        let transport = AsyncSmtpTransport::<Tokio1Executor>::starttls_relay(&self.server().clone().unwrap_or_default())
+                            .expect("Cannot create SMTP mail transport");
+                        if let Some(t) = tls {
+                            transport.tls(Tls::Required(t))
+                        } else {
+                            transport
+                        }
                     } else {
-                        AsyncSmtpTransport::<Tokio1Executor>::relay(&self.server().clone().unwrap_or_default())
-                    }.expect("Cannot create SMTP mail transport");
+                        let transport = AsyncSmtpTransport::<Tokio1Executor>::relay(&self.server().clone().unwrap_or_default())
+                            .expect("Cannot create SMTP mail transport");
+                        if let Some(t) = tls {
+                            transport.tls(Tls::Wrapper(t))
+                        } else {
+                            transport
+                        }
+                    };
                     let transport = if let Some(p) = self.port() {
                         transport.port(p)
                     } else {
diff --git a/src/config.rs b/src/config.rs
index 83294da..87961bf 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -68,7 +68,8 @@ pub struct Mailing {
     port: Option<u16>,
     user: Option<String>,
     password: Option<String>,
-    tls: Option<bool>
+    tls: Option<bool>,
+    accept_all_certs: Option<bool>
 }
 
 #[cfg(feature = "ssr")]
@@ -97,6 +98,9 @@ impl Mailing {
     pub fn tls(&self) -> Option<bool> {
         self.tls
     }
+    pub fn accept_all_certs(&self) -> Option<bool> {
+        self.accept_all_certs
+    }
 }