From 3cdd2e10d029730add04e60f64a20e71e4e72af4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 5 Apr 2024 17:41:41 +0900
Subject: [PATCH] chore(deps): bump github.com/emersion/go-smtp from 0.20.2 to
 0.21.0 (#1888)

* chore(deps): bump github.com/emersion/go-smtp from 0.20.2 to 0.21.0

Bumps [github.com/emersion/go-smtp](https://github.com/emersion/go-smtp) from 0.20.2 to 0.21.0.
- [Release notes](https://github.com/emersion/go-smtp/releases)
- [Commits](https://github.com/emersion/go-smtp/compare/v0.20.2...v0.21.0)

---
updated-dependencies:
- dependency-name: github.com/emersion/go-smtp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix(reporter/email): use DialStartTLS instead of StartTLS

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>
---
 config/smtpconf.go  |  6 +++++
 go.mod              |  2 +-
 go.sum              |  4 +--
 reporter/email.go   | 62 ++++++++++++++++++++++++++++++---------------
 subcmds/discover.go |  1 +
 5 files changed, 52 insertions(+), 23 deletions(-)

diff --git a/config/smtpconf.go b/config/smtpconf.go
index 38cec70d..f5b3e901 100644
--- a/config/smtpconf.go
+++ b/config/smtpconf.go
@@ -9,6 +9,7 @@ import (
 type SMTPConf struct {
 	SMTPAddr              string   `toml:"smtpAddr,omitempty" json:"-"`
 	SMTPPort              string   `toml:"smtpPort,omitempty" valid:"port" json:"-"`
+	TLSMode               string   `toml:"tlsMode,omitempty" json:"-"`
 	TLSInsecureSkipVerify bool     `toml:"tlsInsecureSkipVerify,omitempty" json:"-"`
 	User                  string   `toml:"user,omitempty" json:"-"`
 	Password              string   `toml:"password,omitempty" json:"-"`
@@ -51,6 +52,11 @@ func (c *SMTPConf) Validate() (errs []error) {
 	if c.SMTPPort == "" {
 		errs = append(errs, xerrors.New("email.smtpPort must not be empty"))
 	}
+	switch c.TLSMode {
+	case "", "None", "STARTTLS", "SMTPS":
+	default:
+		errs = append(errs, xerrors.New(`email.tlsMode accepts ["", "None", "STARTTLS", "SMTPS"]`))
+	}
 	if len(c.To) == 0 {
 		errs = append(errs, xerrors.New("email.To required at least one address"))
 	}
diff --git a/go.mod b/go.mod
index de9ce47a..97a9acc1 100644
--- a/go.mod
+++ b/go.mod
@@ -17,7 +17,7 @@ require (
 	github.com/cenkalti/backoff v2.2.1+incompatible
 	github.com/d4l3k/messagediff v1.2.2-0.20190829033028-7e0a312ae40b
 	github.com/emersion/go-sasl v0.0.0-20200509203442-7bfe0ed36a21
-	github.com/emersion/go-smtp v0.20.2
+	github.com/emersion/go-smtp v0.21.0
 	github.com/google/go-cmp v0.6.0
 	github.com/google/subcommands v1.2.0
 	github.com/google/uuid v1.6.0
diff --git a/go.sum b/go.sum
index 370c7fdb..98490bbb 100644
--- a/go.sum
+++ b/go.sum
@@ -487,8 +487,8 @@ github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a h1:mATvB/9r/3gvcej
 github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM=
 github.com/emersion/go-sasl v0.0.0-20200509203442-7bfe0ed36a21 h1:OJyUGMJTzHTd1XQp98QTaHernxMYzRaOasRir9hUlFQ=
 github.com/emersion/go-sasl v0.0.0-20200509203442-7bfe0ed36a21/go.mod h1:iL2twTeMvZnrg54ZoPDNfJaJaqy0xIQFuBdrLsmspwQ=
-github.com/emersion/go-smtp v0.20.2 h1:peX42Qnh5Q0q3vrAnRy43R/JwTnnv75AebxbkTL7Ia4=
-github.com/emersion/go-smtp v0.20.2/go.mod h1:qm27SGYgoIPRot6ubfQ/GpiPy/g3PaZAVRxiO/sDUgQ=
+github.com/emersion/go-smtp v0.21.0 h1:ZDZmX9aFUuPlD1lpoT0nC/nozZuIkSCyQIyxdijjCy0=
+github.com/emersion/go-smtp v0.21.0/go.mod h1:qm27SGYgoIPRot6ubfQ/GpiPy/g3PaZAVRxiO/sDUgQ=
 github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
 github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
 github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc=
diff --git a/reporter/email.go b/reporter/email.go
index 9d913cea..69073c1a 100644
--- a/reporter/email.go
+++ b/reporter/email.go
@@ -10,9 +10,10 @@ import (
 
 	sasl "github.com/emersion/go-sasl"
 	smtp "github.com/emersion/go-smtp"
+	"golang.org/x/xerrors"
+
 	"github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/models"
-	"golang.org/x/xerrors"
 )
 
 // EMailWriter send mail
@@ -89,37 +90,58 @@ type emailSender struct {
 }
 
 func (e *emailSender) sendMail(smtpServerAddr, message string) (err error) {
-	var c *smtp.Client
 	var auth sasl.Client
 	emailConf := e.conf
-	//TLS Config
 	tlsConfig := &tls.Config{
 		ServerName:         emailConf.SMTPAddr,
 		InsecureSkipVerify: emailConf.TLSInsecureSkipVerify,
 	}
-	switch emailConf.SMTPPort {
-	case "465":
-		//New TLS connection
-		c, err = smtp.DialTLS(smtpServerAddr, tlsConfig)
-		if err != nil {
-			return xerrors.Errorf("Failed to create TLS connection to SMTP server: %w", err)
+
+	var c *smtp.Client
+	switch emailConf.TLSMode {
+	case "":
+		switch emailConf.SMTPPort {
+		case "465":
+			c, err = smtp.DialTLS(smtpServerAddr, tlsConfig)
+			if err != nil {
+				return xerrors.Errorf("Failed to create TLS connection to SMTP server: %w", err)
+			}
+			defer c.Close()
+		default:
+			c, err = smtp.Dial(smtpServerAddr)
+			if err != nil {
+				return xerrors.Errorf("Failed to create connection to SMTP server: %w", err)
+			}
+			defer c.Close()
+
+			if ok, _ := c.Extension("STARTTLS"); ok {
+				c, err = smtp.DialStartTLS(smtpServerAddr, tlsConfig)
+				if err != nil {
+					return xerrors.Errorf("Failed to create STARTTLS connection to SMTP server: %w", err)
+				}
+				defer c.Close()
+			}
 		}
-	default:
+	case "None":
 		c, err = smtp.Dial(smtpServerAddr)
 		if err != nil {
 			return xerrors.Errorf("Failed to create connection to SMTP server: %w", err)
 		}
-	}
-	defer c.Close()
-
-	if err = c.Hello("localhost"); err != nil {
-		return xerrors.Errorf("Failed to send Hello command: %w", err)
-	}
-
-	if ok, _ := c.Extension("STARTTLS"); ok {
-		if err := c.StartTLS(tlsConfig); err != nil {
-			return xerrors.Errorf("Failed to STARTTLS: %w", err)
+		defer c.Close()
+	case "STARTTLS":
+		c, err = smtp.DialStartTLS(smtpServerAddr, tlsConfig)
+		if err != nil {
+			return xerrors.Errorf("Failed to create STARTTLS connection to SMTP server: %w", err)
 		}
+		defer c.Close()
+	case "SMTPS":
+		c, err = smtp.DialTLS(smtpServerAddr, tlsConfig)
+		if err != nil {
+			return xerrors.Errorf("Failed to create TLS connection to SMTP server: %w", err)
+		}
+		defer c.Close()
+	default:
+		return xerrors.New(`invalid TLS mode. accepts: ["", "None", "STARTTLS", "SMTPS"]`)
 	}
 
 	if ok, param := c.Extension("AUTH"); ok {
diff --git a/subcmds/discover.go b/subcmds/discover.go
index af7a9650..cb17d404 100644
--- a/subcmds/discover.go
+++ b/subcmds/discover.go
@@ -127,6 +127,7 @@ func printConfigToml(ips []string) (err error) {
 #[email]
 #smtpAddr              = "smtp.example.com"
 #smtpPort              = "587"
+#tlsMode               = "STARTTLS"
 #tlsInsecureSkipVerify = false
 #user                  = "username"
 #password              = "password"