authorDrew DeVault <sir@cmpwn.com>2019-05-20 14:01:59 -0400
committerDrew DeVault <sir@cmpwn.com>2019-05-20 14:01:59 -0400
commita9aebe11d7801d0e574dc7b69de6c798d5c0e1f0 (patch)
treeb2fce3447fe2cb261c0ea5f724d9f7e702a708db
parent22cc40f4d482e76a53a72f7a3c6ddf8038b3c98e (diff)
downloadaerc-a9aebe11d7801d0e574dc7b69de6c798d5c0e1f0.tar.gz
asdf
-rw-r--r--commands/compose/send.go8
-rw-r--r--worker/imap/worker.go44
2 files changed, 4 insertions, 48 deletions
diff --git a/commands/compose/send.go b/commands/compose/send.go
index 02fc272..356b0c7 100644
--- a/commands/compose/send.go
+++ b/commands/compose/send.go
@@ -90,10 +90,6 @@ func SendMessage(aerc *widgets.Aerc, args []string) error {
 	}
 
 	sendAsync := func() (int, error) {
-		tlsConfig := &tls.Config{
-			// TODO: ask user first
-			InsecureSkipVerify: true,
-		}
 		switch scheme {
 		case "smtp":
 			host := uri.Host
@@ -112,7 +108,7 @@ func SendMessage(aerc *widgets.Aerc, args []string) error {
 						"Add smtp-starttls=yes")
 					return 0, err
 				}
-				if err = conn.StartTLS(tlsConfig); err != nil {
+				if err = conn.StartTLS(&tls.Config{}); err != nil {
 					return 0, err
 				}
 			} else {
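Review bot: `conn.StartTLS(&tls.Config{})` passes a config with no `ServerName`, so hostname verification only works if the SMTP library fills that field in from the dialed host, which is not visible in this hunk. crypto/tls rejects a client handshake when neither `ServerName` nor `InsecureSkipVerify` is set, so setting the name explicitly keeps the check from depending on library behaviour. I would write `conn.StartTLS(&tls.Config{ServerName: serverName, MinVersion: tls.VersionTLS12})`, with `serverName` being `host` without its port (for example via `net.SplitHostPort`); this also stops the minimum protocol version from following the toolchain default. The same applies to `smtp.DialTLS(host, &tls.Config{})` in the next hunk and to the two calls in worker/imap/worker.go. The body of SendMessage continues outside the hunk.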
@@ -128,7 +124,7 @@ func SendMessage(aerc *widgets.Aerc, args []string) error {
 			if !strings.ContainsRune(host, ':') {
 				host = host + ":465" // Default to smtps port
 			}
-			conn, err = smtp.DialTLS(host, tlsConfig)
+			conn, err = smtp.DialTLS(host, &tls.Config{})
 			if err != nil {
 				return 0, err
 			}
diff --git a/worker/imap/worker.go b/worker/imap/worker.go
index 839a9a0..ade539a 100644
--- a/worker/imap/worker.go
+++ b/worker/imap/worker.go
@@ -2,7 +2,6 @@ package imap
 
 import (
 	"crypto/tls"
-	"crypto/x509"
 	"fmt"
 	"net/url"
 	"strings"
@@ -47,41 +46,6 @@ func NewIMAPWorker(worker *types.Worker) *IMAPWorker {
 	}
 }
 
-func (w *IMAPWorker) verifyPeerCert(msg types.WorkerMessage) func(
-	rawCerts [][]byte, _ [][]*x509.Certificate) error {
-
-	return func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
-		pool := x509.NewCertPool()
-		for _, rawCert := range rawCerts {
-			cert, err := x509.ParseCertificate(rawCert)
-			if err != nil {
-				return err
-			}
-			pool.AddCert(cert)
-		}
-
-		request := &types.CertificateApprovalRequest{
-			Message:  types.RespondTo(msg),
-			CertPool: pool,
-		}
-		w.worker.PostMessage(request, nil)
-
-		response := <-w.worker.Actions
-		if response.InResponseTo() != request {
-			return fmt.Errorf("Expected UI to respond to cert request")
-		}
-		if approval, ok := response.(*types.ApproveCertificate); !ok {
-			return fmt.Errorf("Expected UI to send certificate approval")
-		} else {
-			if approval.Approved {
-				return nil
-			} else {
-				return fmt.Errorf("UI rejected certificate")
-			}
-		}
-	}
-}
-
 func (w *IMAPWorker) handleMessage(msg types.WorkerMessage) error {
 	if w.idleStop != nil {
 		close(w.idleStop)
@@ -117,10 +81,6 @@ func (w *IMAPWorker) handleMessage(msg types.WorkerMessage) error {
 			c   *client.Client
 			err error
 		)
-		tlsConfig := &tls.Config{
-			InsecureSkipVerify:    true,
-			VerifyPeerCertificate: w.verifyPeerCert(msg),
-		}
 		switch w.config.scheme {
 		case "imap":
 			c, err = client.Dial(w.config.addr)
@@ -129,12 +89,12 @@ func (w *IMAPWorker) handleMessage(msg types.WorkerMessage) error {
 			}
 
 			if !w.config.insecure {
-				if err := c.StartTLS(tlsConfig); err != nil {
+				if err := c.StartTLS(&tls.Config{}); err != nil {
 					return err
 				}
 			}
 		case "imaps":
-			c, err = client.DialTLS(w.config.addr, tlsConfig)
+			c, err = client.DialTLS(w.config.addr, &tls.Config{})
 			if err != nil {
 				return err
 			}
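Review bot: With default verification at `c.StartTLS(&tls.Config{})` and `client.DialTLS(w.config.addr, &tls.Config{})`, a server with a self-signed or private-CA certificate can no longer connect. The only escape visible in this hunk is `w.config.insecure`, which skips STARTTLS entirely and leaves the `imap` session in cleartext. Since the approval prompt is removed, consider a per-account CA file loaded into an `x509.CertPool`, with the config built once before the `switch`, e.g. `tlsConfig := &tls.Config{RootCAs: pool}` (a nil pool keeps the system roots), and passed to both calls. That gives those users a verified path rather than pushing them towards plaintext, and keeps the two call sites from drifting apart. The body of handleMessage continues outside the hunk, so a similar option may already exist elsewhere.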