v2: client: support custom tls.Config{} in DialTLS() and DialStartTLS()
iredmail opened this issue · comments
Dear developers,
DialTLS() and DialStartTLS() don't support customizing tls.Config, hence no way to disable ssl cert verification.
It would be more convenient to use a new parameter to accept custom tls.Config like this:
// Current
// func DialTLS(address string, options *Options) (*Client, error) { ... }
// Suggested:
func DialTLS(address string, options *Options, tlsConfig *tls.Config) (*Client, error) {...}
// Current:
// func DialStartTLS(address string, options *Options) (*Client, error) {...}
// Suggested:
func DialStartTLS(address string, options *Options, tlsConfig *tls.Config) (*Client, error) {...}
I coded this up for me to use self-signed certificates.
It is also required for client certificates or other PKI magic.
Works for me:
diff --git a/subtree/go-imap/imapclient/client.go b/subtree/go-imap/imapclient/client.go
index eb50b7647b..9990eeba0e 100644
--- a/subtree/go-imap/imapclient/client.go
+++ b/subtree/go-imap/imapclient/client.go
@@ -169,10 +169,15 @@ func New(conn net.Conn, options *Options) *Client {
}
// DialTLS connects to an IMAP server with implicit TLS.
-func DialTLS(address string, options *Options) (*Client, error) {
- conn, err := tls.Dial("tcp", address, &tls.Config{
- NextProtos: []string{"imap"},
- })
+func DialTLS(address string, options *Options, tlsConfigp *tls.Config) (*Client, error) {
+ var tlsConfig *tls.Config
+ if tlsConfigp != nil {
+ tlsConfig = tlsConfigp.Clone()
+ } else {
+ tlsConfig = &tls.Config{}
+ }
+ tlsConfig.NextProtos = []string{"imap"}
+ conn, err := tls.Dial("tcp", address, tlsConfig)
if err != nil {
return nil, err
}
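Review bot: the doc comment on DialTLS is unchanged and says nothing about the new tlsConfigp parameter; it should state that nil selects the default configuration, that a non-nil config is cloned before use, and that NextProtos is always replaced. The unconditional tlsConfig.NextProtos = []string{"imap"} discards any ALPN list the caller set, so either keep the caller's value when it is non-empty or document the override. Because the parameter also lets callers set InsecureSkipVerify, the comment could point users of self-signed servers at RootCAs instead. No visible hunk changes DialStartTLS, which the issue also asks for.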
diff --git a/subtree/go-imap/imapclient/example_test.go b/subtree/go-imap/imapclient/example_test.go
index 0cd0e747b4..282af7e162 100644
--- a/subtree/go-imap/imapclient/example_test.go
+++ b/subtree/go-imap/imapclient/example_test.go
@@ -12,7 +12,7 @@ import (
)
func ExampleClient() {
- c, err := imapclient.DialTLS("mail.example.org:993", nil)
+ c, err := imapclient.DialTLS("mail.example.org:993", nil, nil)
if err != nil {
log.Fatalf("failed to dial IMAP server: %v", err)
}
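Review bot: the call DialTLS("mail.example.org:993", nil, nil) shows the cost of a third positional parameter: every existing caller has to change, and two adjacent nils do not say which is which. Consider carrying the config as a field on Options (for example a TLSConfig field), which keeps the two-argument signature and leaves this example untouched.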
@@ -232,7 +232,7 @@ func ExampleClient_Idle() {
},
}
- c, err := imapclient.DialTLS("mail.example.org:993", &options)
+ c, err := imapclient.DialTLS("mail.example.org:993", &options, nil)
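Review bot: both example updates only pass nil for the new argument, so nothing in example_test.go documents or exercises a non-nil config. Add an example that passes a tls.Config with RootCAs set to a private CA or self-signed certificate, which is the case the change is meant to serve.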
It's not required, you can create your own net.Conn and pass it to NewClient.
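What the last comment describes (dial TLS yourself, then pass the net.Conn to the client constructor), as an added example that is not go-imap's own code: it trusts a self-signed certificate through RootCAs and leaves verification on. dialIMAPS, must and selfSignedServer are hypothetical helpers, the local listener and its certificate are constructed for the demo, and imapclient.New(conn, options) is the signature shown in the diff's hunk header.

```go
package main
import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"time"
)

// dialIMAPS (hypothetical helper): implicit TLS, verification on, trusting only roots (nil = system).
func dialIMAPS(addr string, roots *x509.CertPool) (net.Conn, error) {
	return tls.Dial("tcp", addr, &tls.Config{RootCAs: roots, NextProtos: []string{"imap"}})
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// selfSignedServer: constructed stand-in for a private mail server (TLS handshake only).
func selfSignedServer() (string, *x509.CertPool) {
	key := must(rsa.GenerateKey(rand.Reader, 2048))
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), IPAddresses: []net.IP{net.IPv4(127, 0, 0, 1)},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	pool := x509.NewCertPool() // contains exactly one trusted certificate
	pool.AddCert(must(x509.ParseCertificate(der)))
	cert := tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
	ln := must(tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{cert}}))
	go func() {
		for c, err := ln.Accept(); err == nil; c, err = ln.Accept() {
			go c.(*tls.Conn).Handshake() // complete the handshake, nothing more
		}
	}()
	return ln.Addr().String(), pool
}

func main() {
	addr, pool := selfSignedServer()
	_, pinned := dialIMAPS(addr, pool) // on success the conn would go to imapclient.New(conn, options)
	_, system := dialIMAPS(addr, nil)  // same server, system trust store only
	fmt.Printf("pinned roots: %v\nsystem roots: %v\n", pinned, system)
}
```

The first dial succeeds because the chain verifies against the pinned certificate; the second fails verification, which is the behaviour InsecureSkipVerify would have hidden.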