cqrenet/relay
3
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-12 09:04:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

config: make IPv4-only relays use self-signed TLS certs

Browse Source
This commit is contained in:
missytake
2026-04-14 11:11:19 +02:00
parent e35d6dff6b
commit 6864d5bd93
1 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
chatmaild/src/chatmaild/config.py
View File

@@ -1,3 +1,4 @@
import ipaddress
from pathlib import Path
import iniconfig
@@ -79,7 +80,7 @@ class Config:
)
self.tls_cert_mode = "external"
self.tls_cert_path, self.tls_key_path = parts
elif self.mail_domain.startswith("_"):
elif self.mail_domain.startswith("_") or is_valid_ipv4(params["mail_domain"]):
self.tls_cert_mode = "self"
self.tls_cert_path = "/etc/ssl/certs/mailserver.pem"
self.tls_key_path = "/etc/ssl/private/mailserver.key"
@@ -175,3 +176,12 @@ def get_default_config_content(mail_domain, **overrides):
lines.append(line)
content = "\n".join(lines)
return content
def is_valid_ipv4(address: str) -> bool:
"""Check if a mail_domain is an IPv4 address."""
try:
ipaddress.IPv4Address(address)
return True
except ValueError:
return False