From e132c81c5c07cdd54d1a8f731f8713812cda0998 Mon Sep 17 00:00:00 2001
From: miton18
Date: Fri, 24 Aug 2018 11:25:51 +0200
Subject: [PATCH] feat(email): support custom TLS certificates
Signed-off-by: miton18
---
 config/notifiers.go | 27 ++++++++++++++-------------
 notify/impl.go | 20 ++++++++++++++++++--
 2 files changed, 32 insertions(+), 15 deletions(-)
diff --git a/config/notifiers.go b/config/notifiers.go
index 3dc42948..0a37493b 100644
--- a/config/notifiers.go
+++ b/config/notifiers.go
@@ -151,18 +151,19 @@ type EmailConfig struct {
 NotifierConfig `yaml:",inline" json:",inline"`
 // Email address to notify.
- To string `yaml:"to,omitempty" json:"to,omitempty"`
- From string `yaml:"from,omitempty" json:"from,omitempty"`
- Hello string `yaml:"hello,omitempty" json:"hello,omitempty"`
- Smarthost string `yaml:"smarthost,omitempty" json:"smarthost,omitempty"`
- AuthUsername string `yaml:"auth_username,omitempty" json:"auth_username,omitempty"`
- AuthPassword Secret `yaml:"auth_password,omitempty" json:"auth_password,omitempty"`
- AuthSecret Secret `yaml:"auth_secret,omitempty" json:"auth_secret,omitempty"`
- AuthIdentity string `yaml:"auth_identity,omitempty" json:"auth_identity,omitempty"`
- Headers map[string]string `yaml:"headers,omitempty" json:"headers,omitempty"`
- HTML string `yaml:"html,omitempty" json:"html,omitempty"`
- Text string `yaml:"text,omitempty" json:"text,omitempty"`
- RequireTLS *bool `yaml:"require_tls,omitempty" json:"require_tls,omitempty"`
+ To string `yaml:"to,omitempty" json:"to,omitempty"`
+ From string `yaml:"from,omitempty" json:"from,omitempty"`
+ Hello string `yaml:"hello,omitempty" json:"hello,omitempty"`
+ Smarthost string `yaml:"smarthost,omitempty" json:"smarthost,omitempty"`
+ AuthUsername string `yaml:"auth_username,omitempty" json:"auth_username,omitempty"`
+ AuthPassword Secret `yaml:"auth_password,omitempty" json:"auth_password,omitempty"`
+ AuthSecret Secret `yaml:"auth_secret,omitempty" json:"auth_secret,omitempty"`
+ AuthIdentity string `yaml:"auth_identity,omitempty" json:"auth_identity,omitempty"`
+ Headers map[string]string `yaml:"headers,omitempty" json:"headers,omitempty"`
+ HTML string `yaml:"html,omitempty" json:"html,omitempty"`
+ Text string `yaml:"text,omitempty" json:"text,omitempty"`
+ RequireTLS *bool `yaml:"require_tls,omitempty" json:"require_tls,omitempty"`
+ TLSConfig commoncfg.TLSConfig `yaml:"tls_config,omitempty" json:"tls_config,omitempty"`
 }
 // UnmarshalYAML implements the yaml.Unmarshaler interface.
@@ -195,7 +196,7 @@ type PagerdutyConfig struct {
 HTTPConfig *commoncfg.HTTPClientConfig `yaml:"http_config,omitempty" json:"http_config,omitempty"`
- ServiceKey Secret `yaml:"service_key,omitempty" json"service_key,omitempty"`
+ ServiceKey Secret `yaml:"service_key,omitempty" json:"service_key,omitempty"`
 RoutingKey Secret `yaml:"routing_key,omitempty" json:"routing_key,omitempty"`
 URL *URL `yaml:"url,omitempty" json:"url,omitempty"`
 Client string `yaml:"client,omitempty" json:"client,omitempty"`
diff --git a/notify/impl.go b/notify/impl.go
index f1d02f77..f1c5dffe 100644
--- a/notify/impl.go
+++ b/notify/impl.go
@@ -264,7 +264,15 @@ func (n *Email) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
 }
 if port == "465" {
- conn, err := tls.Dial("tcp", n.conf.Smarthost, &tls.Config{ServerName: host})
+ tlsConfig, err := commoncfg.NewTLSConfig(&n.conf.TLSConfig)
+ if err != nil {
+ return false, err
+ }
+ if tlsConfig.ServerName == "" {
+ tlsConfig.ServerName = host
+ }
+
+ conn, err := tls.Dial("tcp", n.conf.Smarthost, tlsConfig)
 if err != nil {
 return true, err
 }
@@ -294,7 +302,15 @@ func (n *Email) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
 if ok, _ := c.Extension("STARTTLS"); !ok {
 return true, fmt.Errorf("require_tls: true (default), but %q does not advertise the STARTTLS extension", n.conf.Smarthost)
 }
- tlsConf := &tls.Config{ServerName: host}
+
+ tlsConf, err := commoncfg.NewTLSConfig(&n.conf.TLSConfig)
+ if err != nil {
+ return false, err
+ }
+ if tlsConf.ServerName == "" {
+ tlsConf.ServerName = host
+ }
+
 if err := c.StartTLS(tlsConf); err != nil {
 return true, fmt.Errorf("starttls failed: %s", err)
 }
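Review bot: The new `TLSConfig` field at the end of `EmailConfig` (config/notifiers.go, hunk at -151) has no comment, and the only comment above the field group, `// Email address to notify.`, does not describe it. Because `commoncfg.TLSConfig` carries `insecure_skip_verify`, operators can now switch off certificate verification for the smarthost connection that `auth_password` and `auth_secret` are sent over, so the field should say so, e.g. `// TLSConfig is the TLS client configuration for the smarthost. Setting insecure_skip_verify disables server verification and should not be combined with SMTP authentication.` Separately, `omitempty` has no effect on a non-pointer struct in encoding/json, so `tls_config` will probably always appear in JSON output. The struct declaration starts above the hunk.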
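Review bot: In the port 465 branch of `Notify` (notify/impl.go, hunk at -264), `commoncfg.NewTLSConfig(&n.conf.TLSConfig)` runs on every notification, so a wrong or unreadable CA, certificate or key path is only discovered when the first alert is being sent, not when the configuration is loaded. The failure is returned bare as `return false, err`; if the first result is the retry flag, as the neighbouring `return true, err` suggests, a transient read error on those files is treated as permanent and the caller gets no hint that TLS setup was the cause. Validating the TLS settings once, when the config is loaded or the notifier is constructed (neither is visible here), would surface this early, and the error should at least be wrapped: `return false, fmt.Errorf("parse TLS configuration: %s", err)`. The STARTTLS hunk at -294 has the same pattern; Notify's body begins and ends outside both hunks.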
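Review bot: The seven lines added in the STARTTLS branch of `Notify` (notify/impl.go, hunk at -294) repeat the block added in the port 465 branch, differing only in the variable name (`tlsConf` versus `tlsConfig`). Two copies of security-relevant setup tend to drift, for example if the ServerName default or a minimum TLS version is later changed in only one of them. A small helper on `*Email` keeps both paths identical and gives the error one place to be wrapped. Notify's body begins and ends outside the hunk.

```go
// tlsConfig returns the TLS client configuration for the smarthost,
// using host as ServerName when tls_config does not set one.
func (n *Email) tlsConfig(host string) (*tls.Config, error) {
	conf, err := commoncfg.NewTLSConfig(&n.conf.TLSConfig)
	if err != nil {
		return nil, fmt.Errorf("parse TLS configuration: %s", err)
	}
	if conf.ServerName == "" {
		conf.ServerName = host
	}
	return conf, nil
}

// … unchanged: STARTTLS extension check …
tlsConf, err := n.tlsConfig(host)
if err != nil {
	return false, err
}
// … unchanged: c.StartTLS(tlsConf) call …
```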