rust/lettre
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: rust:v0.10.0-rc.7
Branches Tags
rust:master rust:semver-compatible-deps rust:prepare-v0.11.18 rust:chumsky-to-nom rust:release-0.11.17 rust:better-tls-parameters-builder rust:docs-credentials-xoauth2 rust:paolobarbolini/alloc-playground rust:smtp-error-handling rust:refactor rust:v0.10.x rust:v0.9.x rust:v0.7.x rust:v0.8.x rust:v0.6.x rust:v0.5.x rust:v0.4.x rust:v0.3.x rust:v0.2.x rust:v0.1.x
rust:v0.11.19 rust:v0.11.18 rust:v0.11.17 rust:v0.11.16 rust:v0.11.15 rust:v0.11.14 rust:v0.11.13 rust:v0.11.12 rust:v0.11.11 rust:v0.11.10 rust:v0.11.9 rust:v0.11.8 rust:v0.11.7 rust:v0.11.6 rust:v0.11.5 rust:v0.11.4 rust:v0.11.3 rust:v0.11.2 rust:v0.11.1 rust:v0.11.0 rust:v0.10.4 rust:v0.10.3 rust:v0.10.2 rust:v0.10.1 rust:v0.10.0 rust:v0.10.0-rc.7 rust:v0.10.0-rc.6 rust:v0.10.0-rc.5 rust:v0.10.0-rc.4 rust:v0.10.0-rc.3 rust:v0.9.6 rust:v0.10.0-rc.2 rust:v0.10.0-rc.1 rust:v0.10.0-beta.4 rust:v0.10.0-beta.3 rust:v0.10.0-beta.2 rust:v0.10.0-beta.1 rust:v0.10.0-alpha.5 rust:v0.7.1 rust:v0.8.4 rust:v0.9.5 rust:v0.10.0-alpha.4 rust:v0.10.0-alpha.3 rust:v0.6.3 rust:v0.10.0-alpha.2 rust:v0.10.0-alpha.1 rust:v0.9.4 rust:v0.9.3 rust:v0.9.2 rust:v0.9.1 rust:v0.9.0 rust:v0.8.3 rust:v0.8.2 rust:v0.8.1 rust:v0.8.0 rust:v0.7.0 rust:v0.6.2 rust:v0.5.0 rust:v0.4.0 rust:v0.6.1 rust:v0.6.0 rust:v0.5.1 rust:v0.3.0 rust:v0.2.0 rust:v0.1.2 rust:v0.1.1 rust:v0.1.0 rust:v0.0.13 rust:v0.0.11 rust:v0.0.9
..
compare: rust:v0.10.1
Branches Tags
rust:master rust:semver-compatible-deps rust:prepare-v0.11.18 rust:chumsky-to-nom rust:release-0.11.17 rust:better-tls-parameters-builder rust:docs-credentials-xoauth2 rust:paolobarbolini/alloc-playground rust:smtp-error-handling rust:refactor rust:v0.10.x rust:v0.9.x rust:v0.7.x rust:v0.8.x rust:v0.6.x rust:v0.5.x rust:v0.4.x rust:v0.3.x rust:v0.2.x rust:v0.1.x
rust:v0.11.19 rust:v0.11.18 rust:v0.11.17 rust:v0.11.16 rust:v0.11.15 rust:v0.11.14 rust:v0.11.13 rust:v0.11.12 rust:v0.11.11 rust:v0.11.10 rust:v0.11.9 rust:v0.11.8 rust:v0.11.7 rust:v0.11.6 rust:v0.11.5 rust:v0.11.4 rust:v0.11.3 rust:v0.11.2 rust:v0.11.1 rust:v0.11.0 rust:v0.10.4 rust:v0.10.3 rust:v0.10.2 rust:v0.10.1 rust:v0.10.0 rust:v0.10.0-rc.7 rust:v0.10.0-rc.6 rust:v0.10.0-rc.5 rust:v0.10.0-rc.4 rust:v0.10.0-rc.3 rust:v0.9.6 rust:v0.10.0-rc.2 rust:v0.10.0-rc.1 rust:v0.10.0-beta.4 rust:v0.10.0-beta.3 rust:v0.10.0-beta.2 rust:v0.10.0-beta.1 rust:v0.10.0-alpha.5 rust:v0.7.1 rust:v0.8.4 rust:v0.9.5 rust:v0.10.0-alpha.4 rust:v0.10.0-alpha.3 rust:v0.6.3 rust:v0.10.0-alpha.2 rust:v0.10.0-alpha.1 rust:v0.9.4 rust:v0.9.3 rust:v0.9.2 rust:v0.9.1 rust:v0.9.0 rust:v0.8.3 rust:v0.8.2 rust:v0.8.1 rust:v0.8.0 rust:v0.7.0 rust:v0.6.2 rust:v0.5.0 rust:v0.4.0 rust:v0.6.1 rust:v0.6.0 rust:v0.5.1 rust:v0.3.0 rust:v0.2.0 rust:v0.1.2 rust:v0.1.1 rust:v0.1.0 rust:v0.0.13 rust:v0.0.11 rust:v0.0.9

16 Commits
v0.10.0-rc ... v0.10.1

Author SHA1 Message Date
Paolo Barbolini
0c9fc6cb71 Prepare 0.10.1 (#804) 2022-07-20 10:44:55 +02:00
Paolo Barbolini
2228cbdf93 Fix SMTP dot stuffing (#803) 2022-07-19 23:20:44 +02:00
André Cruz
17c95b0fa8 Ensure connection is closed on abort (#801) 
When aborting a connection, ensure the underlying stream is closed
before we return.
 2022-07-19 21:13:51 +02:00
Paolo Barbolini
62725af00a Improve TlsVersion docs and remember to re-export it (#800) 2022-07-18 07:40:46 +00:00
André Cruz
758bf1a4a7 Configurable minimum TLS version (#799) 
Added support for configuring the minimum accepted TLS version. The
supported versions differ between TLS toolkits.
 2022-07-17 13:11:14 +02:00
Paolo Barbolini
054c79f914 Document the boring-tls features in lib.rs (#798) 2022-07-16 09:45:44 +00:00
André Cruz
985fa7edc4 Add support for boring TLS (#797) 
In contexts where FIPS certification is mandatory, having the
ability to use the certified boring TLS library is sometimes necessary.
Added initial support for it, only one TLS toolkit can be enabled at
one time.
 2022-07-16 11:28:14 +02:00
Paolo Barbolini
9004d4ccc5 Add documentation to undocumented items (#793) 2022-06-29 22:44:29 +02:00
Paolo Barbolini
10171f8c75 Prepare 0.10.0 release (#538) 2022-06-29 21:17:37 +02:00
Paolo Barbolini
99e805952d Make it possible to keep the Bcc header when building a message (#792) 2022-06-29 21:08:27 +02:00
Paolo Barbolini
2d21dde5a1 Add autoconfigure.rs example (#787) 2022-06-17 06:35:07 +00:00
Paolo Barbolini
6fec936c0c Remove useless vec! allocations (#786) 2022-06-16 18:17:19 +00:00
Paolo Barbolini
22dfa5aa96 MessageBuilder: improve order headers are defined in (#783) 2022-06-16 17:53:54 +00:00
Paolo Barbolini
44e4cfd622 clippy: make rules stricter (#784) 2022-06-16 19:42:13 +02:00
Paolo Barbolini
7ea3d38a00 Mailboxes: add FromIterator impl and optimize Extend impl (#782) 2022-06-11 18:18:55 +00:00
Paolo Barbolini
73b89f5a9f clippy: fix latest warnings (#781) 2022-06-11 16:31:12 +00:00
33 changed files with 758 additions and 232 deletions
Expand all files Collapse all files

7
.github/workflows/test.yml vendored
View File

@@ -133,9 +133,12 @@ jobs:
- name: Test with default features
run: cargo test
- name: Test with all features
run: cargo test --all-features
- name: Test with all features (-native-tls)
run: cargo test --no-default-features --features async-std,async-std1,async-std1-rustls-tls,async-trait,base64,boring,boring-tls,builder,dkim,ed25519-dalek,email-encoding,fastrand,file-transport,file-transport-envelope,futures-io,futures-rustls,futures-util,hostname,httpdate,mime,mime03,nom,once_cell,pool,quoted_printable,regex,rsa,rustls,rustls-pemfile,rustls-tls,sendmail-transport,serde,serde_json,sha2,smtp-transport,socket2,tokio1,tokio1-boring-tls,tokio1-rustls-tls,tokio1_boring,tokio1_crate,tokio1_rustls,tracing,uuid,webpki-roots
- name: Test with all features (-boring-tls)
run: cargo test --no-default-features --features async-std,async-std1,async-std1-rustls-tls,async-trait,base64,builder,dkim,ed25519-dalek,email-encoding,fastrand,file-transport,file-transport-envelope,futures-io,futures-rustls,futures-util,hostname,httpdate,mime,mime03,native-tls,nom,once_cell,pool,quoted_printable,regex,rsa,rustls,rustls-pemfile,rustls-tls,sendmail-transport,serde,serde_json,sha2,smtp-transport,socket2,tokio1,tokio1-native-tls,tokio1-rustls-tls,tokio1_crate,tokio1_native_tls_crate,tokio1_rustls,tracing,uuid,webpki-roots
# coverage:
# name: Coverage
# runs-on: ubuntu-latest

23
CHANGELOG.md
View File

@@ -1,5 +1,25 @@
<a name="v0.10.1"></a>
### v0.10.1 (2022-07-20)
#### Features
* Add `boring-tls` support for `SmtpTransport` and `AsyncSmtpTransport`. The latter is only supported with the tokio runtime. ([#797]) ([#798])
* Make the minimum TLS version configurable. ([#799]) ([#800])
#### Bug Fixes
* Ensure connections are closed on abort. ([#801])
* Fix SMTP dot stuffing. ([#803])
[#797]: https://github.com/lettre/lettre/pull/797
[#798]: https://github.com/lettre/lettre/pull/798
[#799]: https://github.com/lettre/lettre/pull/799
[#800]: https://github.com/lettre/lettre/pull/800
[#801]: https://github.com/lettre/lettre/pull/801
[#803]: https://github.com/lettre/lettre/pull/803
<a name="v0.10.0"></a>
### v0.10.0 (unreleased)
### v0.10.0 (2022-06-29)
#### Upgrade notes
@@ -29,6 +49,7 @@ Several breaking changes were made between 0.9 and 0.10, but changes should be s
* Refactor `TlsParameters` implementation to not expose the internal TLS library
* `FileTransport` writes emails into `.eml` instead of `.json`
* When the hostname feature is disabled or hostname cannot be fetched, `127.0.0.1` is used instead of `localhost` as EHLO parameter (for better RFC compliance and mail server compatibility)
* The `sendmail` and `file` transports aren't enabled by default anymore.
* The `new` method of `ClientId` is deprecated
* Rename `serde-impls` feature to `serde`
* The `SendmailTransport` now uses the `sendmail` command in current `PATH` by default instead of

12
Cargo.toml
View File

@@ -1,7 +1,7 @@
[package]
name = "lettre"
# remember to update html_root_url and README.md (Cargo.toml example and deps.rs badge)
version = "0.10.0-rc.7"
version = "0.10.1"
description = "Email client"
readme = "README.md"
homepage = "https://lettre.rs"
@@ -46,6 +46,7 @@ native-tls = { version = "0.2", optional = true } # feature
rustls = { version = "0.20", features = ["dangerous_configuration"], optional = true }
rustls-pemfile = { version = "1", optional = true }
webpki-roots = { version = "0.22", optional = true }
boring = { version = "2.0.0", optional = true }
# async
futures-io = { version = "0.3.7", optional = true }
@@ -61,6 +62,7 @@ futures-rustls = { version = "0.22", optional = true }
tokio1_crate = { package = "tokio", version = "1", features = ["fs", "rt", "process", "time", "net", "io-util"], optional = true }
tokio1_native_tls_crate = { package = "tokio-native-tls", version = "0.3", optional = true }
tokio1_rustls = { package = "tokio-rustls", version = "0.23", optional = true }
tokio1_boring = { package = "tokio-boring", version = "2.1.4", optional = true }
## dkim
sha2 = { version = "0.10", optional = true }
@@ -74,6 +76,7 @@ email_address = { version = "0.2.1", default-features = false }
[dev-dependencies]
pretty_assertions = "1"
criterion = "0.3"
tracing = { version = "0.1.16", default-features = false, features = ["std"] }
tracing-subscriber = "0.3"
glob = "0.3"
walkdir = "2"
@@ -101,6 +104,8 @@ pool = ["futures-util"]
rustls-tls = ["webpki-roots", "rustls", "rustls-pemfile"]
boring-tls = ["boring"]
# async
async-std1 = ["async-std", "async-trait", "futures-io", "futures-util"]
#async-std1-native-tls = ["async-std1", "native-tls", "async-native-tls"]
@@ -108,6 +113,7 @@ async-std1-rustls-tls = ["async-std1", "rustls-tls", "futures-rustls"]
tokio1 = ["tokio1_crate", "async-trait", "futures-io", "futures-util"]
tokio1-native-tls = ["tokio1", "native-tls", "tokio1_native_tls_crate"]
tokio1-rustls-tls = ["tokio1", "rustls-tls", "tokio1_rustls"]
tokio1-boring-tls = ["tokio1", "boring-tls", "tokio1_boring"]
dkim = ["base64", "sha2", "rsa", "ed25519-dalek", "regex", "once_cell"]
@@ -115,6 +121,10 @@ dkim = ["base64", "sha2", "rsa", "ed25519-dalek", "regex", "once_cell"]
all-features = true
rustdoc-args = ["--cfg", "docsrs", "--cfg", "lettre_ignore_tls_mismatch"]
[[example]]
name = "autoconfigure"
required-features = ["smtp-transport", "native-tls"]
[[example]]
name = "basic_html"
required-features = ["file-transport", "builder"]

34
README.md
View File

@@ -28,27 +28,14 @@
</div>
<div align="center">
<a href="https://deps.rs/crate/lettre/0.10.0-rc.7">
<img src="https://deps.rs/crate/lettre/0.10.0-rc.7/status.svg"
<a href="https://deps.rs/crate/lettre/0.10.1">
<img src="https://deps.rs/crate/lettre/0.10.1/status.svg"
alt="dependency status" />
</a>
</div>
---
**NOTE**: this readme refers to the 0.10 version of lettre, which is
in release candidate state. Use the [`v0.9.x`](https://github.com/lettre/lettre/tree/v0.9.x)
branch for the previous stable release.
0.10 is already widely used and is already thought to be more reliable than 0.9, so it should generally be used
for new projects.
We'd love to hear your feedback about 0.10 design and APIs before final release!
Start a [discussion](https://github.com/lettre/lettre/discussions) in the repository, whether for
feedback or if you need help or advice using or upgrading lettre 0.10.
---
## Features
Lettre provides the following features:
@@ -63,15 +50,20 @@ Lettre does not provide (for now):
* Email parsing
## Supported Rust Versions
Lettre supports all Rust versions released in the last 6 months. At the time of writing
the minimum supported Rust version is 1.56, but this could change at any time either from
one of our dependencies bumping their MSRV or by a new patch release of lettre.
## Example
This library requires Rust 1.56.0 or newer.
To use this library, add the following to your `Cargo.toml`:
```toml
[dependencies]
lettre = "0.10.0-rc.7"
lettre = "0.10"
```
```rust,no_run
@@ -101,6 +93,14 @@ match mailer.send(&email) {
}
```
## Not sure of which connect options to use?
Clone the lettre git repository and run the following command (replacing `SMTP_HOST` with your SMTP server's hostname)
```shell
cargo run --example autoconfigure SMTP_HOST
```
## Testing
The `lettre` tests require an open mail server listening locally on port 2525 and the `sendmail` command. If you have python installed

93
examples/autoconfigure.rs Normal file
View File

@@ -0,0 +1,93 @@
use std::{env, process, time::Duration};
use lettre::SmtpTransport;
fn main() {
tracing_subscriber::fmt::init();
let smtp_host = match env::args().nth(1) {
Some(smtp_host) => smtp_host,
None => {
println!("Please provide the SMTP host as the first argument to this command");
process::exit(1);
}
};
// TLS wrapped connection
{
tracing::info!(
"Trying to establish a TLS wrapped connection to {}",
smtp_host
);
let transport = SmtpTransport::relay(&smtp_host)
.expect("build SmtpTransport::relay")
.timeout(Some(Duration::from_secs(10)))
.build();
match transport.test_connection() {
Ok(true) => {
tracing::info!("Successfully connected to {} via a TLS wrapped connection (SmtpTransport::relay). This is the fastest option available for connecting to an SMTP server", smtp_host);
}
Ok(false) => {
tracing::error!("Couldn't connect to {} via a TLS wrapped connection. No more information is available", smtp_host);
}
Err(err) => {
tracing::error!(err = %err, "Couldn't connect to {} via a TLS wrapped connection", smtp_host);
}
}
}
println!();
// Plaintext connection which MUST then successfully upgrade to TLS via STARTTLS
{
tracing::info!("Trying to establish a plaintext connection to {} and then updating it via the SMTP STARTTLS extension", smtp_host);
let transport = SmtpTransport::starttls_relay(&smtp_host)
.expect("build SmtpTransport::starttls_relay")
.timeout(Some(Duration::from_secs(10)))
.build();
match transport.test_connection() {
Ok(true) => {
tracing::info!("Successfully connected to {} via a plaintext connection which then got upgraded to TLS via the SMTP STARTTLS extension (SmtpTransport::starttls_relay). This is the second best option after the previous TLS wrapped option", smtp_host);
}
Ok(false) => {
tracing::error!(
"Couldn't connect to {} via STARTTLS. No more information is available",
smtp_host
);
}
Err(err) => {
tracing::error!(err = %err, "Couldn't connect to {} via STARTTLS", smtp_host);
}
}
}
println!();
// Plaintext connection (very insecure)
{
tracing::info!(
"Trying to establish a plaintext connection to {}",
smtp_host
);
let transport = SmtpTransport::builder_dangerous(&smtp_host)
.timeout(Some(Duration::from_secs(10)))
.build();
match transport.test_connection() {
Ok(true) => {
tracing::info!("Successfully connected to {} via a plaintext connection. This option is very insecure and shouldn't be used on the public internet (SmtpTransport::builder_dangerous)", smtp_host);
}
Ok(false) => {
tracing::error!(
"Couldn't connect to {} via a plaintext connection. No more information is available",
smtp_host
);
}
Err(err) => {
tracing::error!(err = %err, "Couldn't connect to {} via a plaintext connection", smtp_host);
}
}
}
}

2
src/address/types.rs
View File

@@ -226,7 +226,7 @@ fn check_address(val: &str) -> Result<usize, AddressError> {
Ok(user.len())
}
#[derive(Debug, PartialEq, Clone, Copy)]
#[derive(Debug, PartialEq, Eq, Clone, Copy)]
/// Errors in email addresses parsing
pub enum AddressError {
/// Missing domain or user

16
src/executor.rs
View File

@@ -109,7 +109,6 @@ impl Executor for Tokio1Executor {
#[cfg(feature = "smtp-transport")]
type Sleep = tokio1_crate::time::Sleep;
#[doc(hidden)]
#[cfg(feature = "smtp-transport")]
fn spawn<F>(fut: F) -> Self::Handle
where
@@ -119,13 +118,11 @@ impl Executor for Tokio1Executor {
tokio1_crate::spawn(fut)
}
#[doc(hidden)]
#[cfg(feature = "smtp-transport")]
fn sleep(duration: Duration) -> Self::Sleep {
tokio1_crate::time::sleep(duration)
}
#[doc(hidden)]
#[cfg(feature = "smtp-transport")]
async fn connect(
hostname: &str,
@@ -166,13 +163,11 @@ impl Executor for Tokio1Executor {
Ok(conn)
}
#[doc(hidden)]
#[cfg(feature = "file-transport-envelope")]
async fn fs_read(path: &Path) -> IoResult<Vec<u8>> {
tokio1_crate::fs::read(path).await
}
#[doc(hidden)]
#[cfg(feature = "file-transport")]
async fn fs_write(path: &Path, contents: &[u8]) -> IoResult<()> {
tokio1_crate::fs::write(path, contents).await
@@ -210,7 +205,6 @@ impl Executor for AsyncStd1Executor {
#[cfg(feature = "smtp-transport")]
type Sleep = BoxFuture<'static, ()>;
#[doc(hidden)]
#[cfg(feature = "smtp-transport")]
fn spawn<F>(fut: F) -> Self::Handle
where
@@ -220,14 +214,12 @@ impl Executor for AsyncStd1Executor {
async_std::task::spawn(fut)
}
#[doc(hidden)]
#[cfg(feature = "smtp-transport")]
fn sleep(duration: Duration) -> Self::Sleep {
let fut = async move { async_std::task::sleep(duration).await };
Box::pin(fut)
}
#[doc(hidden)]
#[cfg(feature = "smtp-transport")]
async fn connect(
hostname: &str,
@@ -267,13 +259,11 @@ impl Executor for AsyncStd1Executor {
Ok(conn)
}
#[doc(hidden)]
#[cfg(feature = "file-transport-envelope")]
async fn fs_read(path: &Path) -> IoResult<Vec<u8>> {
async_std::fs::read(path).await
}
#[doc(hidden)]
#[cfg(feature = "file-transport")]
async fn fs_write(path: &Path, contents: &[u8]) -> IoResult<()> {
async_std::fs::write(path, contents).await
@@ -289,15 +279,13 @@ impl SpawnHandle for async_std::task::JoinHandle<()> {
}
mod private {
use super::*;
pub trait Sealed {}
#[cfg(feature = "tokio1")]
impl Sealed for Tokio1Executor {}
impl Sealed for super::Tokio1Executor {}
#[cfg(feature = "async-std1")]
impl Sealed for AsyncStd1Executor {}
impl Sealed for super::AsyncStd1Executor {}
#[cfg(all(feature = "smtp-transport", feature = "tokio1"))]
impl Sealed for tokio1_crate::task::JoinHandle<()> {}

40
src/lib.rs
View File

@@ -41,6 +41,15 @@
//!
//! NOTE: native-tls isn't supported with `async-std`
//!
//! #### SMTP over TLS via the boring crate (Boring TLS)
//!
//! _Secure SMTP connections using TLS from the `boring-tls` crate_
//!
//! * **boring-tls**: TLS support for the synchronous version of the API
//! * **tokio1-boring-tls**: TLS support for the `tokio1` async version of the API
//!
//! NOTE: boring-tls isn't supported with `async-std`
//!
//! #### SMTP over TLS via the rustls crate
//!
//! _Secure SMTP connections using TLS from the `rustls-tls` crate_
@@ -100,7 +109,7 @@
//! [mime 0.3]: https://docs.rs/mime/0.3
//! [DKIM]: https://datatracker.ietf.org/doc/html/rfc6376
#![doc(html_root_url = "https://docs.rs/crate/lettre/0.10.0-rc.7")]
#![doc(html_root_url = "https://docs.rs/crate/lettre/0.10.1")]
#![doc(html_favicon_url = "https://lettre.rs/favicon.ico")]
#![doc(html_logo_url = "https://avatars0.githubusercontent.com/u/15113230?v=4")]
#![forbid(unsafe_code)]
@@ -112,12 +121,30 @@
unused_import_braces,
rust_2018_idioms,
clippy::string_add,
clippy::string_add_assign
clippy::string_add_assign,
clippy::clone_on_ref_ptr,
clippy::verbose_file_reads,
clippy::unnecessary_self_imports,
clippy::string_to_string,
clippy::mem_forget,
clippy::cast_lossless,
clippy::inefficient_to_string,
clippy::inline_always,
clippy::linkedlist,
clippy::macro_use_imports,
clippy::manual_assert,
clippy::unnecessary_join,
clippy::wildcard_imports,
clippy::zero_sized_map_values
)]
#![cfg_attr(docsrs, feature(doc_cfg))]
#[cfg(not(lettre_ignore_tls_mismatch))]
mod compiletime_checks {
#[cfg(all(feature = "native-tls", feature = "boring-tls"))]
compile_error!("feature \"native-tls\" and feature \"boring-tls\" cannot be enabled at the same time, otherwise
the executable will fail to link.");
#[cfg(all(
feature = "tokio1",
feature = "native-tls",
@@ -136,6 +163,15 @@ mod compiletime_checks {
If you'd like to use `native-tls` make sure that the `rustls-tls` feature hasn't been enabled by mistake.
Make sure to apply the same to any of your crate dependencies that use the `lettre` crate.");
#[cfg(all(
feature = "tokio1",
feature = "boring-tls",
not(feature = "tokio1-boring-tls")
))]
compile_error!("Lettre is being built with the `tokio1` and the `boring-tls` features, but the `tokio1-boring-tls` feature hasn't been turned on.
If you'd like to use `boring-tls` make sure that the `rustls-tls` feature hasn't been enabled by mistake.
Make sure to apply the same to any of your crate dependencies that use the `lettre` crate.");
/*
#[cfg(all(
feature = "async-std1",

8
src/message/dkim.rs
View File

@@ -96,9 +96,9 @@ impl Display for DkimSigningKeyError {
impl StdError for DkimSigningKeyError {
fn source(&self) -> Option<&(dyn StdError + 'static)> {
Some(match &self.0 {
InnerDkimSigningKeyError::Base64(err) => &*err,
InnerDkimSigningKeyError::Rsa(err) => &*err,
InnerDkimSigningKeyError::Ed25519(err) => &*err,
InnerDkimSigningKeyError::Base64(err) => err,
InnerDkimSigningKeyError::Rsa(err) => err,
InnerDkimSigningKeyError::Ed25519(err) => err,
})
}
}
@@ -245,7 +245,7 @@ fn dkim_canonicalize_headers_relaxed(headers: &str) -> String {
let mut r = String::with_capacity(headers.len());
fn skip_whitespace(h: &str) -> &str {
match h.as_bytes().get(0) {
match h.as_bytes().first() {
Some(b' ' | b'\t') => skip_whitespace(&h[1..]),
_ => h,
}

2
src/message/header/date.rs
View File

@@ -8,7 +8,7 @@ use crate::BoxError;
/// Message `Date` header
///
/// Defined in [RFC2822](https://tools.ietf.org/html/rfc2822#section-3.3)
#[derive(Debug, Clone, Copy, PartialEq)]
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Date(HttpDate);
impl Date {

4
src/message/header/mailbox.rs
View File

@@ -14,7 +14,7 @@ pub trait MailboxesHeader {
macro_rules! mailbox_header {
($(#[$doc:meta])*($type_name: ident, $header_name: expr)) => {
$(#[$doc])*
#[derive(Debug, Clone, PartialEq)]
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct $type_name(Mailbox);
impl Header for $type_name {
@@ -56,7 +56,7 @@ macro_rules! mailbox_header {
macro_rules! mailboxes_header {
($(#[$doc:meta])*($type_name: ident, $header_name: expr)) => {
$(#[$doc])*
#[derive(Debug, Clone, PartialEq)]
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct $type_name(pub(crate) Mailboxes);
impl MailboxesHeader for $type_name {

15
src/message/header/mod.rs
View File

@@ -277,6 +277,7 @@ impl PartialEq<HeaderName> for &str {
}
}
/// A safe for use header value
#[derive(Debug, Clone, PartialEq)]
pub struct HeaderValue {
name: HeaderName,
@@ -285,6 +286,12 @@ pub struct HeaderValue {
}
impl HeaderValue {
/// Construct a new `HeaderValue` and encode it
///
/// Takes the header `name` and the `raw_value` and encodes
/// it via `RFC2047` and line folds it.
///
/// [`RFC2047`]: https://datatracker.ietf.org/doc/html/rfc2047
pub fn new(name: HeaderName, raw_value: String) -> Self {
let mut encoded_value = String::with_capacity(raw_value.len());
HeaderValueEncoder::encode(&name, &raw_value, &mut encoded_value).unwrap();
@@ -296,6 +303,14 @@ impl HeaderValue {
}
}
/// Construct a new `HeaderValue` using a pre-encoded header value
///
/// This method is _extremely_ dangerous as it opens up
/// the encoder to header injection attacks, but is sometimes
/// acceptable for use if `encoded_value` contains only ascii
/// printable characters and is already line folded.
///
/// When in doubt use [`HeaderValue::new`].
pub fn dangerous_new_pre_encoded(
name: HeaderName,
raw_value: String,

5
src/message/header/special.rs
View File

@@ -4,7 +4,7 @@ use crate::{
};
/// Message format version, defined in [RFC2045](https://tools.ietf.org/html/rfc2045#section-4)
#[derive(Debug, Copy, Clone, PartialEq)]
#[derive(Debug, Copy, Clone, PartialEq, Eq)]
pub struct MimeVersion {
major: u8,
minor: u8,
@@ -16,15 +16,18 @@ pub struct MimeVersion {
pub const MIME_VERSION_1_0: MimeVersion = MimeVersion::new(1, 0);
impl MimeVersion {
/// Build a new `MimeVersion` header
pub const fn new(major: u8, minor: u8) -> Self {
MimeVersion { major, minor }
}
/// Get the `major` value of this `MimeVersion` header.
#[inline]
pub const fn major(self) -> u8 {
self.major
}
/// Get the `minor` value of this `MimeVersion` header.
#[inline]
pub const fn minor(self) -> u8 {
self.minor

2
src/message/header/textual.rs
View File

@@ -4,7 +4,7 @@ use crate::BoxError;
macro_rules! text_header {
($(#[$attr:meta])* Header($type_name: ident, $header_name: expr )) => {
$(#[$attr])*
#[derive(Debug, Clone, PartialEq)]
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct $type_name(String);
impl Header for $type_name {

20
src/message/mailbox/types.rs
View File

@@ -315,6 +315,18 @@ impl From<Mailboxes> for Vec<Mailbox> {
}
}
impl FromIterator<Mailbox> for Mailboxes {
fn from_iter<T: IntoIterator<Item = Mailbox>>(iter: T) -> Self {
Self(Vec::from_iter(iter))
}
}
impl Extend<Mailbox> for Mailboxes {
fn extend<T: IntoIterator<Item = Mailbox>>(&mut self, iter: T) {
self.0.extend(iter);
}
}
impl IntoIterator for Mailboxes {
type Item = Mailbox;
type IntoIter = ::std::vec::IntoIter<Mailbox>;
@@ -324,14 +336,6 @@ impl IntoIterator for Mailboxes {
}
}
impl Extend<Mailbox> for Mailboxes {
fn extend<T: IntoIterator<Item = Mailbox>>(&mut self, iter: T) {
for elem in iter {
self.0.push(elem);
}
}
}
impl Display for Mailboxes {
fn fmt(&self, f: &mut Formatter<'_>) -> FmtResult {
let mut iter = self.iter();

158
src/message/mod.rs
View File

@@ -232,6 +232,7 @@ trait EmailFormat {
pub struct MessageBuilder {
headers: Headers,
envelope: Option<Envelope>,
drop_bcc: bool,
}
impl MessageBuilder {
@@ -240,24 +241,26 @@ impl MessageBuilder {
Self {
headers: Headers::new(),
envelope: None,
drop_bcc: true,
}
}
/// Set custom header to message
pub fn header<H: Header>(mut self, header: H) -> Self {
self.headers.set(header);
self
/// Set or add mailbox to `From` header
///
/// Defined in [RFC5322](https://tools.ietf.org/html/rfc5322#section-3.6.2).
///
/// Shortcut for `self.mailbox(header::From(mbox))`.
pub fn from(self, mbox: Mailbox) -> Self {
self.mailbox(header::From::from(Mailboxes::from(mbox)))
}
/// Add mailbox to header
pub fn mailbox<H: Header + MailboxesHeader>(self, header: H) -> Self {
match self.headers.get::<H>() {
Some(mut header_) => {
header_.join_mailboxes(header);
self.header(header_)
}
None => self.header(header),
}
/// Set `Sender` header. Should be used when providing several `From` mailboxes.
///
/// Defined in [RFC5322](https://tools.ietf.org/html/rfc5322#section-3.6.2).
///
/// Shortcut for `self.header(header::Sender(mbox))`.
pub fn sender(self, mbox: Mailbox) -> Self {
self.header(header::Sender::from(mbox))
}
/// Add `Date` header to message
@@ -275,41 +278,6 @@ impl MessageBuilder {
self.date(SystemTime::now())
}
/// Set `Subject` header to message
///
/// Shortcut for `self.header(header::Subject(subject.into()))`.
pub fn subject<S: Into<String>>(self, subject: S) -> Self {
let s: String = subject.into();
self.header(header::Subject::from(s))
}
/// Set `MIME-Version` header to 1.0
///
/// Shortcut for `self.header(header::MIME_VERSION_1_0)`.
///
/// Not exposed as it is set by body methods
fn mime_1_0(self) -> Self {
self.header(header::MIME_VERSION_1_0)
}
/// Set `Sender` header. Should be used when providing several `From` mailboxes.
///
/// Defined in [RFC5322](https://tools.ietf.org/html/rfc5322#section-3.6.2).
///
/// Shortcut for `self.header(header::Sender(mbox))`.
pub fn sender(self, mbox: Mailbox) -> Self {
self.header(header::Sender::from(mbox))
}
/// Set or add mailbox to `From` header
///
/// Defined in [RFC5322](https://tools.ietf.org/html/rfc5322#section-3.6.2).
///
/// Shortcut for `self.mailbox(header::From(mbox))`.
pub fn from(self, mbox: Mailbox) -> Self {
self.mailbox(header::From::from(Mailboxes::from(mbox)))
}
/// Set or add mailbox to `ReplyTo` header
///
/// Defined in [RFC5322](https://tools.ietf.org/html/rfc5322#section-3.6.2).
@@ -352,6 +320,14 @@ impl MessageBuilder {
self.header(header::References::from(id))
}
/// Set `Subject` header to message
///
/// Shortcut for `self.header(header::Subject(subject.into()))`.
pub fn subject<S: Into<String>>(self, subject: S) -> Self {
let s: String = subject.into();
self.header(header::Subject::from(s))
}
/// Set [Message-ID
/// header](https://tools.ietf.org/html/rfc5322#section-3.6.4)
///
@@ -385,12 +361,43 @@ impl MessageBuilder {
self.header(header::UserAgent::from(id))
}
/// Set custom header to message
pub fn header<H: Header>(mut self, header: H) -> Self {
self.headers.set(header);
self
}
/// Add mailbox to header
pub fn mailbox<H: Header + MailboxesHeader>(self, header: H) -> Self {
match self.headers.get::<H>() {
Some(mut header_) => {
header_.join_mailboxes(header);
self.header(header_)
}
None => self.header(header),
}
}
/// Force specific envelope (by default it is derived from headers)
pub fn envelope(mut self, envelope: Envelope) -> Self {
self.envelope = Some(envelope);
self
}
/// Keep the `Bcc` header
///
/// By default the `Bcc` header is removed from the email after
/// using it to generate the message envelope. In some cases though,
/// like when saving the email as an `.eml`, or sending through
/// some transports (like the Gmail API) that don't take a separate
/// envelope value, it becomes necessary to keep the `Bcc` header.
///
/// Calling this method overrides the default behaviour.
pub fn keep_bcc(mut self) -> Self {
self.drop_bcc = false;
self
}
// TODO: High-level methods for attachments and embedded files
/// Create message from body
@@ -423,8 +430,10 @@ impl MessageBuilder {
None => Envelope::try_from(&res.headers)?,
};
// Remove `Bcc` headers now the envelope is set
res.headers.remove::<header::Bcc>();
if res.drop_bcc {
// Remove `Bcc` headers now the envelope is set
res.headers.remove::<header::Bcc>();
}
Ok(Message {
headers: res.headers,
@@ -455,6 +464,15 @@ impl MessageBuilder {
pub fn singlepart(self, part: SinglePart) -> Result<Message, EmailError> {
self.mime_1_0().build(MessageBody::Mime(Part::Single(part)))
}
/// Set `MIME-Version` header to 1.0
///
/// Shortcut for `self.header(header::MIME_VERSION_1_0)`.
///
/// Not exposed as it is set by body methods
fn mime_1_0(self) -> Self {
self.header(header::MIME_VERSION_1_0)
}
}
/// Email message which can be formatted
@@ -628,7 +646,7 @@ mod test {
}
#[test]
fn email_message() {
fn email_message_no_bcc() {
// Tue, 15 Nov 1994 08:12:31 GMT
let date = SystemTime::UNIX_EPOCH + Duration::from_secs(784887151);
@@ -663,6 +681,44 @@ mod test {
);
}
#[test]
fn email_message_keep_bcc() {
// Tue, 15 Nov 1994 08:12:31 GMT
let date = SystemTime::UNIX_EPOCH + Duration::from_secs(784887151);
let email = Message::builder()
.date(date)
.bcc("hidden@example.com".parse().unwrap())
.keep_bcc()
.header(header::From(
vec![Mailbox::new(
Some("Каи".into()),
"kayo@example.com".parse().unwrap(),
)]
.into(),
))
.header(header::To(
vec!["Pony O.P. <pony@domain.tld>".parse().unwrap()].into(),
))
.header(header::Subject::from(String::from("яңа ел белән!")))
.body(String::from("Happy new year!"))
.unwrap();
assert_eq!(
String::from_utf8(email.formatted()).unwrap(),
concat!(
"Date: Tue, 15 Nov 1994 08:12:31 +0000\r\n",
"Bcc: hidden@example.com\r\n",
"From: =?utf-8?b?0JrQsNC4?= <kayo@example.com>\r\n",
"To: \"Pony O.P.\" <pony@domain.tld>\r\n",
"Subject: =?utf-8?b?0Y/So9CwINC10Lsg0LHQtdC705nQvQ==?=!\r\n",
"Content-Transfer-Encoding: 7bit\r\n",
"\r\n",
"Happy new year!"
)
);
}
#[test]
fn email_with_png() {
// Tue, 15 Nov 1994 08:12:31 GMT

3
src/transport/smtp/async_transport.rs
View File

@@ -198,6 +198,9 @@ where
{
fn clone(&self) -> Self {
Self {
#[cfg(feature = "pool")]
inner: Arc::clone(&self.inner),
#[cfg(not(feature = "pool"))]
inner: self.inner.clone(),
}
}

8
src/transport/smtp/authentication.rs
View File

@@ -98,12 +98,12 @@ impl Mechanism {
let decoded_challenge = challenge
.ok_or_else(|| error::client("This mechanism does expect a challenge"))?;
if vec!["User Name", "Username:", "Username"].contains(&decoded_challenge) {
return Ok(credentials.authentication_identity.to_string());
if ["User Name", "Username:", "Username"].contains(&decoded_challenge) {
return Ok(credentials.authentication_identity.clone());
}
if vec!["Password", "Password:"].contains(&decoded_challenge) {
return Ok(credentials.secret.to_string());
if ["Password", "Password:"].contains(&decoded_challenge) {
return Ok(credentials.secret.clone());
}
Err(error::client("Unrecognized challenge"))

6
src/transport/smtp/client/async_connection.rs
View File

@@ -8,7 +8,7 @@ use super::{AsyncNetworkStream, ClientCodec, TlsParameters};
use crate::{
transport::smtp::{
authentication::{Credentials, Mechanism},
commands::*,
commands::{Auth, Data, Ehlo, Mail, Noop, Quit, Rcpt, Starttls},
error,
error::Error,
extension::{ClientId, Extension, MailBodyParameter, MailParameter, ServerInfo},
@@ -41,6 +41,7 @@ pub struct AsyncSmtpConnection {
}
impl AsyncSmtpConnection {
/// Get information about the server
pub fn server_info(&self) -> &ServerInfo {
&self.server_info
}
@@ -193,6 +194,7 @@ impl AsyncSmtpConnection {
self.panic = true;
let _ = self.command(Quit).await;
}
let _ = self.stream.close().await;
}
/// Sets the underlying stream
@@ -319,7 +321,7 @@ impl AsyncSmtpConnection {
}
/// The X509 certificate of the server (DER encoded)
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
pub fn peer_certificate(&self) -> Result<Vec<u8>, Error> {
self.stream.get_ref().peer_certificate()
}

76
src/transport/smtp/client/async_net.rs
View File

@@ -16,6 +16,8 @@ use futures_io::{
};
#[cfg(feature = "async-std1-rustls-tls")]
use futures_rustls::client::TlsStream as AsyncStd1RustlsTlsStream;
#[cfg(feature = "tokio1-boring-tls")]
use tokio1_boring::SslStream as Tokio1SslStream;
#[cfg(feature = "tokio1")]
use tokio1_crate::io::{AsyncRead as _, AsyncWrite as _, ReadBuf as Tokio1ReadBuf};
#[cfg(feature = "tokio1")]
@@ -31,6 +33,7 @@ use tokio1_rustls::client::TlsStream as Tokio1RustlsTlsStream;
#[cfg(any(
feature = "tokio1-native-tls",
feature = "tokio1-rustls-tls",
feature = "tokio1-boring-tls",
feature = "async-std1-native-tls",
feature = "async-std1-rustls-tls"
))]
@@ -60,6 +63,9 @@ enum InnerAsyncNetworkStream {
/// Encrypted Tokio 1.x TCP stream
#[cfg(feature = "tokio1-rustls-tls")]
Tokio1RustlsTls(Tokio1RustlsTlsStream<Tokio1TcpStream>),
/// Encrypted Tokio 1.x TCP stream
#[cfg(feature = "tokio1-boring-tls")]
Tokio1BoringTls(Tokio1SslStream<Tokio1TcpStream>),
/// Plain Tokio 1.x TCP stream
#[cfg(feature = "async-std1")]
AsyncStd1Tcp(AsyncStd1TcpStream),
@@ -93,6 +99,8 @@ impl AsyncNetworkStream {
}
#[cfg(feature = "tokio1-rustls-tls")]
InnerAsyncNetworkStream::Tokio1RustlsTls(ref s) => s.get_ref().0.peer_addr(),
#[cfg(feature = "tokio1-boring-tls")]
InnerAsyncNetworkStream::Tokio1BoringTls(ref s) => s.get_ref().peer_addr(),
#[cfg(feature = "async-std1")]
InnerAsyncNetworkStream::AsyncStd1Tcp(ref s) => s.peer_addr(),
#[cfg(feature = "async-std1-native-tls")]
@@ -229,14 +237,22 @@ impl AsyncNetworkStream {
match &self.inner {
#[cfg(all(
feature = "tokio1",
not(any(feature = "tokio1-native-tls", feature = "tokio1-rustls-tls"))
not(any(
feature = "tokio1-native-tls",
feature = "tokio1-rustls-tls",
feature = "tokio1-boring-tls"
))
))]
InnerAsyncNetworkStream::Tokio1Tcp(_) => {
let _ = tls_parameters;
panic!("Trying to upgrade an AsyncNetworkStream without having enabled either the tokio1-native-tls or the tokio1-rustls-tls feature");
}
#[cfg(any(feature = "tokio1-native-tls", feature = "tokio1-rustls-tls"))]
#[cfg(any(
feature = "tokio1-native-tls",
feature = "tokio1-rustls-tls",
feature = "tokio1-boring-tls"
))]
InnerAsyncNetworkStream::Tokio1Tcp(_) => {
// get owned TcpStream
let tcp_stream = mem::replace(&mut self.inner, InnerAsyncNetworkStream::None);
@@ -278,7 +294,11 @@ impl AsyncNetworkStream {
}
#[allow(unused_variables)]
#[cfg(any(feature = "tokio1-native-tls", feature = "tokio1-rustls-tls"))]
#[cfg(any(
feature = "tokio1-native-tls",
feature = "tokio1-rustls-tls",
feature = "tokio1-boring-tls"
))]
async fn upgrade_tokio1_tls(
tcp_stream: Tokio1TcpStream,
tls_parameters: TlsParameters,
@@ -324,11 +344,31 @@ impl AsyncNetworkStream {
Ok(InnerAsyncNetworkStream::Tokio1RustlsTls(stream))
};
}
#[cfg(feature = "boring-tls")]
InnerTlsParameters::BoringTls(connector) => {
#[cfg(not(feature = "tokio1-boring-tls"))]
panic!("built without the tokio1-boring-tls feature");
#[cfg(feature = "tokio1-boring-tls")]
return {
let mut config = connector.configure().map_err(error::connection)?;
config.set_verify_hostname(tls_parameters.accept_invalid_hostnames);
let stream = tokio1_boring::connect(config, &domain, tcp_stream)
.await
.map_err(error::connection)?;
Ok(InnerAsyncNetworkStream::Tokio1BoringTls(stream))
};
}
}
}
#[allow(unused_variables)]
#[cfg(any(feature = "async-std1-native-tls", feature = "async-std1-rustls-tls"))]
#[cfg(any(
feature = "async-std1-native-tls",
feature = "async-std1-rustls-tls",
feature = "async-std1-boring-tls"
))]
async fn upgrade_asyncstd1_tls(
tcp_stream: AsyncStd1TcpStream,
mut tls_parameters: TlsParameters,
@@ -377,6 +417,10 @@ impl AsyncNetworkStream {
Ok(InnerAsyncNetworkStream::AsyncStd1RustlsTls(stream))
};
}
#[cfg(feature = "boring-tls")]
InnerTlsParameters::BoringTls(connector) => {
panic!("boring-tls isn't supported with async-std yet.");
}
}
}
@@ -388,6 +432,8 @@ impl AsyncNetworkStream {
InnerAsyncNetworkStream::Tokio1NativeTls(_) => true,
#[cfg(feature = "tokio1-rustls-tls")]
InnerAsyncNetworkStream::Tokio1RustlsTls(_) => true,
#[cfg(feature = "tokio1-boring-tls")]
InnerAsyncNetworkStream::Tokio1BoringTls(_) => true,
#[cfg(feature = "async-std1")]
InnerAsyncNetworkStream::AsyncStd1Tcp(_) => false,
#[cfg(feature = "async-std1-native-tls")]
@@ -422,6 +468,13 @@ impl AsyncNetworkStream {
.unwrap()
.clone()
.0),
#[cfg(feature = "tokio1-boring-tls")]
InnerAsyncNetworkStream::Tokio1BoringTls(stream) => Ok(stream
.ssl()
.peer_certificate()
.unwrap()
.to_der()
.map_err(error::tls)?),
#[cfg(feature = "async-std1")]
InnerAsyncNetworkStream::AsyncStd1Tcp(_) => {
Err(error::client("Connection is not encrypted"))
@@ -477,6 +530,15 @@ impl FuturesAsyncRead for AsyncNetworkStream {
Poll::Pending => Poll::Pending,
}
}
#[cfg(feature = "tokio1-boring-tls")]
InnerAsyncNetworkStream::Tokio1BoringTls(ref mut s) => {
let mut b = Tokio1ReadBuf::new(buf);
match Pin::new(s).poll_read(cx, &mut b) {
Poll::Ready(Ok(())) => Poll::Ready(Ok(b.filled().len())),
Poll::Ready(Err(err)) => Poll::Ready(Err(err)),
Poll::Pending => Poll::Pending,
}
}
#[cfg(feature = "async-std1")]
InnerAsyncNetworkStream::AsyncStd1Tcp(ref mut s) => Pin::new(s).poll_read(cx, buf),
#[cfg(feature = "async-std1-native-tls")]
@@ -508,6 +570,8 @@ impl FuturesAsyncWrite for AsyncNetworkStream {
InnerAsyncNetworkStream::Tokio1NativeTls(ref mut s) => Pin::new(s).poll_write(cx, buf),
#[cfg(feature = "tokio1-rustls-tls")]
InnerAsyncNetworkStream::Tokio1RustlsTls(ref mut s) => Pin::new(s).poll_write(cx, buf),
#[cfg(feature = "tokio1-boring-tls")]
InnerAsyncNetworkStream::Tokio1BoringTls(ref mut s) => Pin::new(s).poll_write(cx, buf),
#[cfg(feature = "async-std1")]
InnerAsyncNetworkStream::AsyncStd1Tcp(ref mut s) => Pin::new(s).poll_write(cx, buf),
#[cfg(feature = "async-std1-native-tls")]
@@ -533,6 +597,8 @@ impl FuturesAsyncWrite for AsyncNetworkStream {
InnerAsyncNetworkStream::Tokio1NativeTls(ref mut s) => Pin::new(s).poll_flush(cx),
#[cfg(feature = "tokio1-rustls-tls")]
InnerAsyncNetworkStream::Tokio1RustlsTls(ref mut s) => Pin::new(s).poll_flush(cx),
#[cfg(feature = "tokio1-boring-tls")]
InnerAsyncNetworkStream::Tokio1BoringTls(ref mut s) => Pin::new(s).poll_flush(cx),
#[cfg(feature = "async-std1")]
InnerAsyncNetworkStream::AsyncStd1Tcp(ref mut s) => Pin::new(s).poll_flush(cx),
#[cfg(feature = "async-std1-native-tls")]
@@ -554,6 +620,8 @@ impl FuturesAsyncWrite for AsyncNetworkStream {
InnerAsyncNetworkStream::Tokio1NativeTls(ref mut s) => Pin::new(s).poll_shutdown(cx),
#[cfg(feature = "tokio1-rustls-tls")]
InnerAsyncNetworkStream::Tokio1RustlsTls(ref mut s) => Pin::new(s).poll_shutdown(cx),
#[cfg(feature = "tokio1-boring-tls")]
InnerAsyncNetworkStream::Tokio1BoringTls(ref mut s) => Pin::new(s).poll_shutdown(cx),
#[cfg(feature = "async-std1")]
InnerAsyncNetworkStream::AsyncStd1Tcp(ref mut s) => Pin::new(s).poll_close(cx),
#[cfg(feature = "async-std1-native-tls")]

17
src/transport/smtp/client/connection.rs
View File

@@ -12,7 +12,7 @@ use crate::{
address::Envelope,
transport::smtp::{
authentication::{Credentials, Mechanism},
commands::*,
commands::{Auth, Data, Ehlo, Mail, Noop, Quit, Rcpt, Starttls},
error,
error::Error,
extension::{ClientId, Extension, MailBodyParameter, MailParameter, ServerInfo},
@@ -44,6 +44,7 @@ pub struct SmtpConnection {
}
impl SmtpConnection {
/// Get information about the server
pub fn server_info(&self) -> &ServerInfo {
&self.server_info
}
@@ -142,7 +143,7 @@ impl SmtpConnection {
hello_name: &ClientId,
) -> Result<(), Error> {
if self.server_info.supports_feature(Extension::StartTls) {
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
{
try_smtp!(self.command(Starttls), self);
self.stream.get_mut().upgrade_tls(tls_parameters)?;
@@ -152,7 +153,11 @@ impl SmtpConnection {
try_smtp!(self.ehlo(hello_name), self);
Ok(())
}
#[cfg(not(any(feature = "native-tls", feature = "rustls-tls")))]
#[cfg(not(any(
feature = "native-tls",
feature = "rustls-tls",
feature = "boring-tls"
)))]
// This should never happen as `Tls` can only be created
// when a TLS library is enabled
unreachable!("TLS support required but not supported");
@@ -178,6 +183,7 @@ impl SmtpConnection {
self.panic = true;
let _ = self.command(Quit);
}
let _ = self.stream.get_mut().shutdown(std::net::Shutdown::Both);
}
/// Sets the underlying stream
@@ -237,11 +243,12 @@ impl SmtpConnection {
/// Sends the message content
pub fn message(&mut self, message: &[u8]) -> Result<Response, Error> {
let mut out_buf: Vec<u8> = vec![];
let mut codec = ClientCodec::new();
let mut out_buf = Vec::with_capacity(message.len());
codec.encode(message, &mut out_buf);
self.write(out_buf.as_slice())?;
self.write(b"\r\n.\r\n")?;
self.read_response()
}
@@ -296,7 +303,7 @@ impl SmtpConnection {
}
/// The X509 certificate of the server (DER encoded)
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
pub fn peer_certificate(&self) -> Result<Vec<u8>, Error> {
self.stream.get_ref().peer_certificate()
}

84
src/transport/smtp/client/mod.rs
View File

@@ -30,8 +30,10 @@ pub use self::async_connection::AsyncSmtpConnection;
#[cfg(any(feature = "tokio1", feature = "async-std1"))]
pub use self::async_net::AsyncNetworkStream;
use self::net::NetworkStream;
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
pub(super) use self::tls::InnerTlsParameters;
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
pub use self::tls::TlsVersion;
pub use self::{
connection::SmtpConnection,
tls::{Certificate, Tls, TlsParameters, TlsParametersBuilder},
@@ -46,60 +48,57 @@ mod net;
mod tls;
/// The codec used for transparency
#[derive(Default, Clone, Copy, Debug)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
#[derive(Debug)]
struct ClientCodec {
escape_count: u8,
status: CodecStatus,
}
impl ClientCodec {
/// Creates a new client codec
pub fn new() -> Self {
ClientCodec::default()
Self {
status: CodecStatus::StartOfNewLine,
}
}
/// Adds transparency
fn encode(&mut self, frame: &[u8], buf: &mut Vec<u8>) {
match frame.len() {
0 => {
match self.escape_count {
0 => buf.extend_from_slice(b"\r\n.\r\n"),
1 => buf.extend_from_slice(b"\n.\r\n"),
2 => buf.extend_from_slice(b".\r\n"),
_ => unreachable!(),
for &b in frame {
buf.push(b);
match (b, self.status) {
(b'\r', _) => {
self.status = CodecStatus::StartingNewLine;
}
self.escape_count = 0;
}
_ => {
let mut start = 0;
for (idx, byte) in frame.iter().enumerate() {
match self.escape_count {
0 => self.escape_count = if *byte == b'\r' { 1 } else { 0 },
1 => self.escape_count = if *byte == b'\n' { 2 } else { 0 },
2 => {
self.escape_count = if *byte == b'.' {
3
} else if *byte == b'\r' {
1
} else {
0
}
}
_ => unreachable!(),
}
if self.escape_count == 3 {
self.escape_count = 0;
buf.extend_from_slice(&frame[start..idx]);
buf.extend_from_slice(b".");
start = idx;
}
(b'\n', CodecStatus::StartingNewLine) => {
self.status = CodecStatus::StartOfNewLine;
}
buf.extend_from_slice(&frame[start..]);
(_, CodecStatus::StartingNewLine) => {
self.status = CodecStatus::MiddleOfLine;
}
(b'.', CodecStatus::StartOfNewLine) => {
self.status = CodecStatus::MiddleOfLine;
buf.push(b'.');
}
(_, CodecStatus::StartOfNewLine) => {
self.status = CodecStatus::MiddleOfLine;
}
_ => {}
}
}
}
}
#[derive(Debug, Copy, Clone)]
#[allow(clippy::enum_variant_names)]
enum CodecStatus {
/// We are past the first character of the current line
MiddleOfLine,
/// We just read a `\r` character
StartingNewLine,
/// We are at the start of a new line
StartOfNewLine,
}
/// Returns the string replacing all the CRLF with "\<CRLF\>"
/// Used for debug displays
#[cfg(feature = "tracing")]
@@ -113,9 +112,10 @@ mod test {
#[test]
fn test_codec() {
let mut buf = Vec::new();
let mut codec = ClientCodec::new();
let mut buf: Vec<u8> = vec![];
codec.encode(b".\r\n", &mut buf);
codec.encode(b"test\r\n", &mut buf);
codec.encode(b"test\r\n\r\n", &mut buf);
codec.encode(b".\r\n", &mut buf);
@@ -126,9 +126,13 @@ mod test {
codec.encode(b"test\n", &mut buf);
codec.encode(b".test\n", &mut buf);
codec.encode(b"test", &mut buf);
codec.encode(b"test", &mut buf);
codec.encode(b"test\r\n", &mut buf);
codec.encode(b".test\r\n", &mut buf);
codec.encode(b"test.\r\n", &mut buf);
assert_eq!(
String::from_utf8(buf).unwrap(),
"test\r\ntest\r\n\r\n..\r\n\r\ntestte\r\n..\r\nsttesttest.test\n.test\ntest"
"..\r\ntest\r\ntest\r\n\r\n..\r\n\r\ntestte\r\n..\r\nsttesttest.test\n.test\ntesttesttest\r\n..test\r\ntest.\r\n"
);
}

61
src/transport/smtp/client/net.rs
View File

@@ -2,16 +2,19 @@ use std::{
io::{self, Read, Write},
mem,
net::{IpAddr, Ipv4Addr, Shutdown, SocketAddr, SocketAddrV4, TcpStream, ToSocketAddrs},
sync::Arc,
time::Duration,
};
#[cfg(feature = "boring-tls")]
use boring::ssl::SslStream;
#[cfg(feature = "native-tls")]
use native_tls::TlsStream;
#[cfg(feature = "rustls-tls")]
use rustls::{ClientConnection, ServerName, StreamOwned};
use socket2::{Domain, Protocol, Type};
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
use super::InnerTlsParameters;
use super::TlsParameters;
use crate::transport::smtp::{error, Error};
@@ -34,6 +37,8 @@ enum InnerNetworkStream {
/// Encrypted TCP stream
#[cfg(feature = "rustls-tls")]
RustlsTls(StreamOwned<ClientConnection, TcpStream>),
#[cfg(feature = "boring-tls")]
BoringTls(SslStream<TcpStream>),
/// Can't be built
None,
}
@@ -55,6 +60,8 @@ impl NetworkStream {
InnerNetworkStream::NativeTls(ref s) => s.get_ref().peer_addr(),
#[cfg(feature = "rustls-tls")]
InnerNetworkStream::RustlsTls(ref s) => s.get_ref().peer_addr(),
#[cfg(feature = "boring-tls")]
InnerNetworkStream::BoringTls(ref s) => s.get_ref().peer_addr(),
InnerNetworkStream::None => {
debug_assert!(false, "InnerNetworkStream::None must never be built");
Ok(SocketAddr::V4(SocketAddrV4::new(
@@ -73,6 +80,8 @@ impl NetworkStream {
InnerNetworkStream::NativeTls(ref s) => s.get_ref().shutdown(how),
#[cfg(feature = "rustls-tls")]
InnerNetworkStream::RustlsTls(ref s) => s.get_ref().shutdown(how),
#[cfg(feature = "boring-tls")]
InnerNetworkStream::BoringTls(ref s) => s.get_ref().shutdown(how),
InnerNetworkStream::None => {
debug_assert!(false, "InnerNetworkStream::None must never be built");
Ok(())
@@ -136,13 +145,17 @@ impl NetworkStream {
pub fn upgrade_tls(&mut self, tls_parameters: &TlsParameters) -> Result<(), Error> {
match &self.inner {
#[cfg(not(any(feature = "native-tls", feature = "rustls-tls")))]
#[cfg(not(any(
feature = "native-tls",
feature = "rustls-tls",
feature = "boring-tls"
)))]
InnerNetworkStream::Tcp(_) => {
let _ = tls_parameters;
panic!("Trying to upgrade an NetworkStream without having enabled either the native-tls or the rustls-tls feature");
}
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
InnerNetworkStream::Tcp(_) => {
// get owned TcpStream
let tcp_stream = mem::replace(&mut self.inner, InnerNetworkStream::None);
@@ -158,7 +171,7 @@ impl NetworkStream {
}
}
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
fn upgrade_tls_impl(
tcp_stream: TcpStream,
tls_parameters: &TlsParameters,
@@ -175,11 +188,21 @@ impl NetworkStream {
InnerTlsParameters::RustlsTls(connector) => {
let domain = ServerName::try_from(tls_parameters.domain())
.map_err(|_| error::connection("domain isn't a valid DNS name"))?;
let connection =
ClientConnection::new(connector.clone(), domain).map_err(error::connection)?;
let connection = ClientConnection::new(Arc::clone(connector), domain)
.map_err(error::connection)?;
let stream = StreamOwned::new(connection, tcp_stream);
InnerNetworkStream::RustlsTls(stream)
}
#[cfg(feature = "boring-tls")]
InnerTlsParameters::BoringTls(connector) => {
let stream = connector
.configure()
.map_err(error::connection)?
.verify_hostname(tls_parameters.accept_invalid_hostnames)
.connect(tls_parameters.domain(), tcp_stream)
.map_err(error::connection)?;
InnerNetworkStream::BoringTls(stream)
}
})
}
@@ -190,6 +213,8 @@ impl NetworkStream {
InnerNetworkStream::NativeTls(_) => true,
#[cfg(feature = "rustls-tls")]
InnerNetworkStream::RustlsTls(_) => true,
#[cfg(feature = "boring-tls")]
InnerNetworkStream::BoringTls(_) => true,
InnerNetworkStream::None => {
debug_assert!(false, "InnerNetworkStream::None must never be built");
false
@@ -197,7 +222,7 @@ impl NetworkStream {
}
}
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
pub fn peer_certificate(&self) -> Result<Vec<u8>, Error> {
match &self.inner {
InnerNetworkStream::Tcp(_) => Err(error::client("Connection is not encrypted")),
@@ -217,6 +242,13 @@ impl NetworkStream {
.unwrap()
.clone()
.0),
#[cfg(feature = "boring-tls")]
InnerNetworkStream::BoringTls(stream) => Ok(stream
.ssl()
.peer_certificate()
.unwrap()
.to_der()
.map_err(error::tls)?),
InnerNetworkStream::None => panic!("InnerNetworkStream::None must never be built"),
}
}
@@ -232,6 +264,10 @@ impl NetworkStream {
InnerNetworkStream::RustlsTls(ref mut stream) => {
stream.get_ref().set_read_timeout(duration)
}
#[cfg(feature = "boring-tls")]
InnerNetworkStream::BoringTls(ref mut stream) => {
stream.get_ref().set_read_timeout(duration)
}
InnerNetworkStream::None => {
debug_assert!(false, "InnerNetworkStream::None must never be built");
Ok(())
@@ -252,7 +288,10 @@ impl NetworkStream {
InnerNetworkStream::RustlsTls(ref mut stream) => {
stream.get_ref().set_write_timeout(duration)
}
#[cfg(feature = "boring-tls")]
InnerNetworkStream::BoringTls(ref mut stream) => {
stream.get_ref().set_write_timeout(duration)
}
InnerNetworkStream::None => {
debug_assert!(false, "InnerNetworkStream::None must never be built");
Ok(())
@@ -269,6 +308,8 @@ impl Read for NetworkStream {
InnerNetworkStream::NativeTls(ref mut s) => s.read(buf),
#[cfg(feature = "rustls-tls")]
InnerNetworkStream::RustlsTls(ref mut s) => s.read(buf),
#[cfg(feature = "boring-tls")]
InnerNetworkStream::BoringTls(ref mut s) => s.read(buf),
InnerNetworkStream::None => {
debug_assert!(false, "InnerNetworkStream::None must never be built");
Ok(0)
@@ -285,6 +326,8 @@ impl Write for NetworkStream {
InnerNetworkStream::NativeTls(ref mut s) => s.write(buf),
#[cfg(feature = "rustls-tls")]
InnerNetworkStream::RustlsTls(ref mut s) => s.write(buf),
#[cfg(feature = "boring-tls")]
InnerNetworkStream::BoringTls(ref mut s) => s.write(buf),
InnerNetworkStream::None => {
debug_assert!(false, "InnerNetworkStream::None must never be built");
Ok(0)
@@ -299,6 +342,8 @@ impl Write for NetworkStream {
InnerNetworkStream::NativeTls(ref mut s) => s.flush(),
#[cfg(feature = "rustls-tls")]
InnerNetworkStream::RustlsTls(ref mut s) => s.flush(),
#[cfg(feature = "boring-tls")]
InnerNetworkStream::BoringTls(ref mut s) => s.flush(),
InnerNetworkStream::None => {
debug_assert!(false, "InnerNetworkStream::None must never be built");
Ok(())

205
src/transport/smtp/client/tls.rs
View File

@@ -2,6 +2,8 @@ use std::fmt::{self, Debug};
#[cfg(feature = "rustls-tls")]
use std::{sync::Arc, time::SystemTime};
#[cfg(feature = "boring-tls")]
use boring::ssl::{SslConnector, SslVersion};
#[cfg(feature = "native-tls")]
use native_tls::{Protocol, TlsConnector};
#[cfg(feature = "rustls-tls")]
@@ -10,14 +12,44 @@ use rustls::{
ClientConfig, Error as TlsError, OwnedTrustAnchor, RootCertStore, ServerName,
};
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
use crate::transport::smtp::{error, Error};
/// Accepted protocols by default.
/// This removes TLS 1.0 and 1.1 compared to tls-native defaults.
// This is also rustls' default behavior
#[cfg(feature = "native-tls")]
const DEFAULT_TLS_MIN_PROTOCOL: Protocol = Protocol::Tlsv12;
/// TLS protocol versions.
#[derive(Debug, Copy, Clone)]
#[non_exhaustive]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
pub enum TlsVersion {
/// TLS 1.0
///
/// Should only be used when trying to support legacy
/// SMTP servers that haven't updated to
/// at least TLS 1.2 yet.
///
/// Supported by `native-tls` and `boring-tls`.
Tlsv10,
/// TLS 1.1
///
/// Should only be used when trying to support legacy
/// SMTP servers that haven't updated to
/// at least TLS 1.2 yet.
///
/// Supported by `native-tls` and `boring-tls`.
Tlsv11,
/// TLS 1.2
///
/// A good option for most SMTP servers.
///
/// Supported by all TLS backends.
Tlsv12,
/// TLS 1.3
///
/// The most secure option, altough not supported by all SMTP servers.
///
/// Altough it is technically supported by all TLS backends,
/// trying to set it for `native-tls` will give a runtime error.
Tlsv13,
}
/// How to apply TLS to a client connection
#[derive(Clone)]
@@ -26,16 +58,25 @@ pub enum Tls {
/// Insecure connection only (for testing purposes)
None,
/// Start with insecure connection and use `STARTTLS` when available
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg_attr(docsrs, doc(cfg(any(feature = "native-tls", feature = "rustls-tls"))))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
#[cfg_attr(
docsrs,
doc(cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls")))
)]
Opportunistic(TlsParameters),
/// Start with insecure connection and require `STARTTLS`
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg_attr(docsrs, doc(cfg(any(feature = "native-tls", feature = "rustls-tls"))))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
#[cfg_attr(
docsrs,
doc(cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls")))
)]
Required(TlsParameters),
/// Use TLS wrapped connection
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg_attr(docsrs, doc(cfg(any(feature = "native-tls", feature = "rustls-tls"))))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
#[cfg_attr(
docsrs,
doc(cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls")))
)]
Wrapper(TlsParameters),
}
@@ -43,11 +84,11 @@ impl Debug for Tls {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match &self {
Self::None => f.pad("None"),
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
Self::Opportunistic(_) => f.pad("Opportunistic"),
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
Self::Required(_) => f.pad("Required"),
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
Self::Wrapper(_) => f.pad("Wrapper"),
}
}
@@ -59,6 +100,7 @@ pub struct TlsParameters {
pub(crate) connector: InnerTlsParameters,
/// The domain name which is expected in the TLS certificate from the server
pub(super) domain: String,
pub(super) accept_invalid_hostnames: bool,
}
/// Builder for `TlsParameters`
@@ -68,6 +110,8 @@ pub struct TlsParametersBuilder {
root_certs: Vec<Certificate>,
accept_invalid_hostnames: bool,
accept_invalid_certs: bool,
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
min_tls_version: TlsVersion,
}
impl TlsParametersBuilder {
@@ -78,6 +122,8 @@ impl TlsParametersBuilder {
root_certs: Vec::new(),
accept_invalid_hostnames: false,
accept_invalid_certs: false,
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
min_tls_version: TlsVersion::Tlsv12,
}
}
@@ -102,13 +148,22 @@ impl TlsParametersBuilder {
/// This method introduces significant vulnerabilities to man-in-the-middle attacks.
///
/// Hostname verification can only be disabled with the `native-tls` TLS backend.
#[cfg(feature = "native-tls")]
#[cfg_attr(docsrs, doc(cfg(feature = "native-tls")))]
#[cfg(any(feature = "native-tls", feature = "boring-tls"))]
#[cfg_attr(docsrs, doc(cfg(any(feature = "native-tls", feature = "boring-tls"))))]
pub fn dangerous_accept_invalid_hostnames(mut self, accept_invalid_hostnames: bool) -> Self {
self.accept_invalid_hostnames = accept_invalid_hostnames;
self
}
/// Controls which minimum TLS version is allowed
///
/// Defaults to [`Tlsv12`][TlsVersion::Tlsv12].
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
pub fn set_min_tls_version(mut self, min_tls_version: TlsVersion) -> Self {
self.min_tls_version = min_tls_version;
self
}
/// Controls whether invalid certificates are accepted
///
/// Defaults to `false`.
@@ -130,16 +185,20 @@ impl TlsParametersBuilder {
self
}
/// Creates a new `TlsParameters` using native-tls or rustls
/// Creates a new `TlsParameters` using native-tls, boring-tls or rustls
/// depending on which one is available
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg_attr(docsrs, doc(cfg(any(feature = "native-tls", feature = "rustls-tls"))))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
#[cfg_attr(
docsrs,
doc(cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls")))
)]
pub fn build(self) -> Result<TlsParameters, Error> {
#[cfg(feature = "rustls-tls")]
return self.build_rustls();
#[cfg(not(feature = "rustls-tls"))]
#[cfg(all(not(feature = "rustls-tls"), feature = "native-tls"))]
return self.build_native();
#[cfg(all(not(feature = "rustls-tls"), feature = "boring-tls"))]
return self.build_boring();
}
/// Creates a new `TlsParameters` using native-tls with the provided configuration
@@ -154,11 +213,59 @@ impl TlsParametersBuilder {
tls_builder.danger_accept_invalid_hostnames(self.accept_invalid_hostnames);
tls_builder.danger_accept_invalid_certs(self.accept_invalid_certs);
tls_builder.min_protocol_version(Some(DEFAULT_TLS_MIN_PROTOCOL));
let min_tls_version = match self.min_tls_version {
TlsVersion::Tlsv10 => Protocol::Tlsv10,
TlsVersion::Tlsv11 => Protocol::Tlsv11,
TlsVersion::Tlsv12 => Protocol::Tlsv12,
TlsVersion::Tlsv13 => {
return Err(error::tls(
"min tls version Tlsv13 not supported in native tls",
))
}
};
tls_builder.min_protocol_version(Some(min_tls_version));
let connector = tls_builder.build().map_err(error::tls)?;
Ok(TlsParameters {
connector: InnerTlsParameters::NativeTls(connector),
domain: self.domain,
accept_invalid_hostnames: self.accept_invalid_hostnames,
})
}
/// Creates a new `TlsParameters` using boring-tls with the provided configuration
#[cfg(feature = "boring-tls")]
#[cfg_attr(docsrs, doc(cfg(feature = "boring-tls")))]
pub fn build_boring(self) -> Result<TlsParameters, Error> {
use boring::ssl::{SslMethod, SslVerifyMode};
let mut tls_builder = SslConnector::builder(SslMethod::tls_client()).map_err(error::tls)?;
if self.accept_invalid_certs {
tls_builder.set_verify(SslVerifyMode::NONE);
} else {
let cert_store = tls_builder.cert_store_mut();
for cert in self.root_certs {
cert_store.add_cert(cert.boring_tls).map_err(error::tls)?;
}
}
let min_tls_version = match self.min_tls_version {
TlsVersion::Tlsv10 => SslVersion::TLS1,
TlsVersion::Tlsv11 => SslVersion::TLS1_1,
TlsVersion::Tlsv12 => SslVersion::TLS1_2,
TlsVersion::Tlsv13 => SslVersion::TLS1_3,
};
tls_builder
.set_min_proto_version(Some(min_tls_version))
.map_err(error::tls)?;
let connector = tls_builder.build();
Ok(TlsParameters {
connector: InnerTlsParameters::BoringTls(connector),
domain: self.domain,
accept_invalid_hostnames: self.accept_invalid_hostnames,
})
}
@@ -167,7 +274,24 @@ impl TlsParametersBuilder {
#[cfg_attr(docsrs, doc(cfg(feature = "rustls-tls")))]
pub fn build_rustls(self) -> Result<TlsParameters, Error> {
let tls = ClientConfig::builder();
let tls = tls.with_safe_defaults();
let just_version3 = &[&rustls::version::TLS13];
let supported_versions = match self.min_tls_version {
TlsVersion::Tlsv10 => {
return Err(error::tls("min tls version Tlsv10 not supported in rustls"))
}
TlsVersion::Tlsv11 => {
return Err(error::tls("min tls version Tlsv11 not supported in rustls"))
}
TlsVersion::Tlsv12 => rustls::ALL_VERSIONS,
TlsVersion::Tlsv13 => just_version3,
};
let tls = tls
.with_safe_default_cipher_suites()
.with_safe_default_kx_groups()
.with_protocol_versions(supported_versions)
.map_err(error::tls)?;
let tls = if self.accept_invalid_certs {
tls.with_custom_certificate_verifier(Arc::new(InvalidCertsVerifier {}))
@@ -198,27 +322,35 @@ impl TlsParametersBuilder {
Ok(TlsParameters {
connector: InnerTlsParameters::RustlsTls(Arc::new(tls)),
domain: self.domain,
accept_invalid_hostnames: self.accept_invalid_hostnames,
})
}
}
#[derive(Clone)]
#[allow(clippy::enum_variant_names)]
pub enum InnerTlsParameters {
#[cfg(feature = "native-tls")]
NativeTls(TlsConnector),
#[cfg(feature = "rustls-tls")]
RustlsTls(Arc<ClientConfig>),
#[cfg(feature = "boring-tls")]
BoringTls(SslConnector),
}
impl TlsParameters {
/// Creates a new `TlsParameters` using native-tls or rustls
/// depending on which one is available
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg_attr(docsrs, doc(cfg(any(feature = "native-tls", feature = "rustls-tls"))))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
#[cfg_attr(
docsrs,
doc(cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls")))
)]
pub fn new(domain: String) -> Result<Self, Error> {
TlsParametersBuilder::new(domain).build()
}
/// Creates a new `TlsParameters` builder
pub fn builder(domain: String) -> TlsParametersBuilder {
TlsParametersBuilder::new(domain)
}
@@ -237,6 +369,13 @@ impl TlsParameters {
TlsParametersBuilder::new(domain).build_rustls()
}
/// Creates a new `TlsParameters` using boring
#[cfg(feature = "boring-tls")]
#[cfg_attr(docsrs, doc(cfg(feature = "boring-tls")))]
pub fn new_boring(domain: String) -> Result<Self, Error> {
TlsParametersBuilder::new(domain).build_boring()
}
pub fn domain(&self) -> &str {
&self.domain
}
@@ -250,20 +389,27 @@ pub struct Certificate {
native_tls: native_tls::Certificate,
#[cfg(feature = "rustls-tls")]
rustls: Vec<rustls::Certificate>,
#[cfg(feature = "boring-tls")]
boring_tls: boring::x509::X509,
}
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
impl Certificate {
/// Create a `Certificate` from a DER encoded certificate
pub fn from_der(der: Vec<u8>) -> Result<Self, Error> {
#[cfg(feature = "native-tls")]
let native_tls_cert = native_tls::Certificate::from_der(&der).map_err(error::tls)?;
#[cfg(feature = "boring-tls")]
let boring_tls_cert = boring::x509::X509::from_der(&der).map_err(error::tls)?;
Ok(Self {
#[cfg(feature = "native-tls")]
native_tls: native_tls_cert,
#[cfg(feature = "rustls-tls")]
rustls: vec![rustls::Certificate(der)],
#[cfg(feature = "boring-tls")]
boring_tls: boring_tls_cert,
})
}
@@ -272,6 +418,9 @@ impl Certificate {
#[cfg(feature = "native-tls")]
let native_tls_cert = native_tls::Certificate::from_pem(pem).map_err(error::tls)?;
#[cfg(feature = "boring-tls")]
let boring_tls_cert = boring::x509::X509::from_pem(pem).map_err(error::tls)?;
#[cfg(feature = "rustls-tls")]
let rustls_cert = {
use std::io::Cursor;
@@ -289,6 +438,8 @@ impl Certificate {
native_tls: native_tls_cert,
#[cfg(feature = "rustls-tls")]
rustls: rustls_cert,
#[cfg(feature = "boring-tls")]
boring_tls: boring_tls_cert,
})
}
}

24
src/transport/smtp/commands.rs
View File

@@ -13,7 +13,7 @@ use crate::{
};
/// EHLO command
#[derive(PartialEq, Clone, Debug)]
#[derive(PartialEq, Eq, Clone, Debug)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Ehlo {
client_id: ClientId,
@@ -33,7 +33,7 @@ impl Ehlo {
}
/// STARTTLS command
#[derive(PartialEq, Clone, Debug, Copy)]
#[derive(PartialEq, Eq, Clone, Debug, Copy)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Starttls;
@@ -44,7 +44,7 @@ impl Display for Starttls {
}
/// MAIL command
#[derive(PartialEq, Clone, Debug)]
#[derive(PartialEq, Eq, Clone, Debug)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Mail {
sender: Option<Address>,
@@ -73,7 +73,7 @@ impl Mail {
}
/// RCPT command
#[derive(PartialEq, Clone, Debug)]
#[derive(PartialEq, Eq, Clone, Debug)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Rcpt {
recipient: Address,
@@ -101,7 +101,7 @@ impl Rcpt {
}
/// DATA command
#[derive(PartialEq, Clone, Debug, Copy)]
#[derive(PartialEq, Eq, Clone, Debug, Copy)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Data;
@@ -112,7 +112,7 @@ impl Display for Data {
}
/// QUIT command
#[derive(PartialEq, Clone, Debug, Copy)]
#[derive(PartialEq, Eq, Clone, Debug, Copy)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Quit;
@@ -123,7 +123,7 @@ impl Display for Quit {
}
/// NOOP command
#[derive(PartialEq, Clone, Debug, Copy)]
#[derive(PartialEq, Eq, Clone, Debug, Copy)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Noop;
@@ -134,7 +134,7 @@ impl Display for Noop {
}
/// HELP command
#[derive(PartialEq, Clone, Debug)]
#[derive(PartialEq, Eq, Clone, Debug)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Help {
argument: Option<String>,
@@ -158,7 +158,7 @@ impl Help {
}
/// VRFY command
#[derive(PartialEq, Clone, Debug)]
#[derive(PartialEq, Eq, Clone, Debug)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Vrfy {
argument: String,
@@ -178,7 +178,7 @@ impl Vrfy {
}
/// EXPN command
#[derive(PartialEq, Clone, Debug)]
#[derive(PartialEq, Eq, Clone, Debug)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Expn {
argument: String,
@@ -198,7 +198,7 @@ impl Expn {
}
/// RSET command
#[derive(PartialEq, Clone, Debug, Copy)]
#[derive(PartialEq, Eq, Clone, Debug, Copy)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Rset;
@@ -209,7 +209,7 @@ impl Display for Rset {
}
/// AUTH command
#[derive(PartialEq, Clone, Debug)]
#[derive(PartialEq, Eq, Clone, Debug)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
pub struct Auth {
mechanism: Mechanism,

18
src/transport/smtp/error.rs
View File

@@ -68,8 +68,11 @@ impl Error {
}
/// Returns true if the error is from TLS
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg_attr(docsrs, doc(cfg(any(feature = "native-tls", feature = "rustls-tls"))))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
#[cfg_attr(
docsrs,
doc(cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls")))
)]
pub fn is_tls(&self) -> bool {
matches!(self.inner.kind, Kind::Tls)
}
@@ -102,8 +105,11 @@ pub(crate) enum Kind {
/// Underlying network i/o error
Network,
/// TLS error
#[cfg_attr(docsrs, doc(cfg(any(feature = "native-tls", feature = "rustls-tls"))))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg_attr(
docsrs,
doc(cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls")))
)]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
Tls,
}
@@ -128,7 +134,7 @@ impl fmt::Display for Error {
Kind::Client => f.write_str("internal client error")?,
Kind::Network => f.write_str("network error")?,
Kind::Connection => f.write_str("Connection error")?,
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
Kind::Tls => f.write_str("tls error")?,
Kind::Transient(ref code) => {
write!(f, "transient error ({})", code)?;
@@ -179,7 +185,7 @@ pub(crate) fn connection<E: Into<BoxError>>(e: E) -> Error {
Error::new(Kind::Connection, Some(e))
}
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
pub(crate) fn tls<E: Into<BoxError>>(e: E) -> Error {
Error::new(Kind::Tls, Some(e))
}

2
src/transport/smtp/mod.rs
View File

@@ -140,7 +140,7 @@ pub use self::{
error::Error,
transport::{SmtpTransport, SmtpTransportBuilder},
};
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
use crate::transport::smtp::client::TlsParameters;
use crate::transport::smtp::{
authentication::{Credentials, Mechanism, DEFAULT_MECHANISMS},

4
src/transport/smtp/pool/async_impl.rs
View File

@@ -158,14 +158,14 @@ impl<E: Executor> Pool<E> {
#[cfg(feature = "tracing")]
tracing::debug!("reusing a pooled connection");
return Ok(PooledConnection::wrap(conn, self.clone()));
return Ok(PooledConnection::wrap(conn, Arc::clone(self)));
}
None => {
#[cfg(feature = "tracing")]
tracing::debug!("creating a new connection");
let conn = self.client.connection().await?;
return Ok(PooledConnection::wrap(conn, self.clone()));
return Ok(PooledConnection::wrap(conn, Arc::clone(self)));
}
}
}

4
src/transport/smtp/pool/sync_impl.rs
View File

@@ -141,14 +141,14 @@ impl Pool {
#[cfg(feature = "tracing")]
tracing::debug!("reusing a pooled connection");
return Ok(PooledConnection::wrap(conn, self.clone()));
return Ok(PooledConnection::wrap(conn, Arc::clone(self)));
}
None => {
#[cfg(feature = "tracing")]
tracing::debug!("creating a new connection");
let conn = self.client.connection()?;
return Ok(PooledConnection::wrap(conn, self.clone()));
return Ok(PooledConnection::wrap(conn, Arc::clone(self)));
}
}
}

27
src/transport/smtp/transport.rs
View File

@@ -7,7 +7,7 @@ use super::pool::sync_impl::Pool;
#[cfg(feature = "pool")]
use super::PoolConfig;
use super::{ClientId, Credentials, Error, Mechanism, Response, SmtpConnection, SmtpInfo};
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
use super::{Tls, TlsParameters, SUBMISSIONS_PORT, SUBMISSION_PORT};
use crate::{address::Envelope, Transport};
@@ -45,8 +45,11 @@ impl SmtpTransport {
///
/// Creates an encrypted transport over submissions port, using the provided domain
/// to validate TLS certificates.
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg_attr(docsrs, doc(cfg(any(feature = "native-tls", feature = "rustls-tls"))))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
#[cfg_attr(
docsrs,
doc(cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls")))
)]
pub fn relay(relay: &str) -> Result<SmtpTransportBuilder, Error> {
let tls_parameters = TlsParameters::new(relay.into())?;
@@ -66,8 +69,11 @@ impl SmtpTransport {
///
/// An error is returned if the connection can't be upgraded. No credentials
/// or emails will be sent to the server, protecting from downgrade attacks.
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg_attr(docsrs, doc(cfg(any(feature = "native-tls", feature = "rustls-tls"))))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
#[cfg_attr(
docsrs,
doc(cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls")))
)]
pub fn starttls_relay(relay: &str) -> Result<SmtpTransportBuilder, Error> {
let tls_parameters = TlsParameters::new(relay.into())?;
@@ -166,8 +172,11 @@ impl SmtpTransportBuilder {
}
/// Set the TLS settings to use
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg_attr(docsrs, doc(cfg(any(feature = "native-tls", feature = "rustls-tls"))))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
#[cfg_attr(
docsrs,
doc(cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls")))
)]
pub fn tls(mut self, tls: Tls) -> Self {
self.info.tls = tls;
self
@@ -210,7 +219,7 @@ impl SmtpClient {
pub fn connection(&self) -> Result<SmtpConnection, Error> {
#[allow(clippy::match_single_binding)]
let tls_parameters = match self.info.tls {
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
Tls::Wrapper(ref tls_parameters) => Some(tls_parameters),
_ => None,
};
@@ -224,7 +233,7 @@ impl SmtpClient {
None,
)?;
#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
#[cfg(any(feature = "native-tls", feature = "rustls-tls", feature = "boring-tls"))]
match self.info.tls {
Tls::Opportunistic(ref tls_parameters) => {
if conn.can_starttls() {

2
src/transport/smtp/util.rs
View File

@@ -41,7 +41,7 @@ mod tests {
]
.iter()
{
assert_eq!(format!("{}", XText(input)), expect.to_string());
assert_eq!(format!("{}", XText(input)), (*expect).to_string());
}
}
}

2
src/transport/stub/mod.rs
View File

@@ -53,6 +53,8 @@ use futures_util::lock::Mutex as FuturesMutex;
use crate::AsyncTransport;
use crate::{address::Envelope, Transport};
/// An error returned by the stub transport
#[non_exhaustive]
#[derive(Debug, Copy, Clone)]
pub struct Error;

6
tests/transport_stub.rs
View File

@@ -18,7 +18,7 @@ mod sync {
sender_ok.send(&email).unwrap();
sender_ko.send(&email).unwrap_err();
let expected_messages = vec![(
let expected_messages = [(
email.envelope().clone(),
String::from_utf8(email.formatted()).unwrap(),
)];
@@ -47,7 +47,7 @@ mod tokio_1 {
sender_ok.send(email.clone()).await.unwrap();
sender_ko.send(email.clone()).await.unwrap_err();
let expected_messages = vec![(
let expected_messages = [(
email.envelope().clone(),
String::from_utf8(email.formatted()).unwrap(),
)];
@@ -75,7 +75,7 @@ mod asyncstd_1 {
sender_ok.send(email.clone()).await.unwrap();
sender_ko.send(email.clone()).await.unwrap_err();
let expected_messages = vec![(
let expected_messages = [(
email.envelope().clone(),
String::from_utf8(email.formatted()).unwrap(),
)];