fix: customVerify cert alg + update valid CNs

urko 2025-10-20 18:57:29 +00:00
parent 34f9238cf0
commit 537fbeebd9


@ -91,8 +91,10 @@ var validCommonNames = []string{
"ISRG Root X1",
"R3",
"R10",
"R13",
"R11",
"E5",
"E7",
"DST Root CA X3",
"DigiCert Global Root G2",
"DigiCert Global G2 TLS RSA SHA256 2020 CA1",
@ -138,10 +140,15 @@ func customVerify(host string) func(cs tls.ConnectionState) error {
return fmt.Errorf("untrusted certificate issuer: %s", cert.Issuer.CommonName)
}
// Check that the public key algorithm is RSA.
if cert.PublicKeyAlgorithm != x509.RSA {
return fmt.Errorf("unsupported public key algorithm: %v", cert.PublicKeyAlgorithm)
// Check that the public key algorithms
switch cert.PublicKeyAlgorithm {
case x509.RSA, x509.ECDSA:
// OK
default:
return fmt.Errorf("unsupported public key algorithm: %v",
cert.PublicKeyAlgorithm)
}
}
return nil