Merge branch 'feature/login-auth' into develop

2024-12-28 23:06:43 +02:00 · 2023-05-30 20:37:23 +12:00 · 2023-05-30 20:37:23 +12:00 · bee3174c78
commit bee3174c78
parent a3187d5499 52120abefd
2 changed files with 41 additions and 2 deletions
--- a/config/config.go
+++ b/config/config.go
@ -115,11 +115,11 @@ type smtpRelayConfigStruct struct {
 	Port                     int    `yaml:"port"`
 	STARTTLS                 bool   `yaml:"starttls"`
 	AllowInsecure            bool   `yaml:"allow-insecure"`
-	Auth                     string `yaml:"auth"`                // none, plain, cram-md5
+	Auth                     string `yaml:"auth"`                // none, plain, login, cram-md5
 	Username                 string `yaml:"username"`            // plain & cram-md5
 	Password                 string `yaml:"password"`            // plain
 	Secret                   string `yaml:"secret"`              // cram-md5
-	ReturnPath               string `yaml:"return-path"`         // allows overriding the boune address
+	ReturnPath               string `yaml:"return-path"`         // allow overriding the bounce address
 	RecipientAllowlist       string `yaml:"recipient-allowlist"` // regex, if set needs to match for mails to be relayed
 	RecipientAllowlistRegexp *regexp.Regexp
 }
@ -285,6 +285,11 @@ func parseRelayConfig(c string) error {
 		if SMTPRelayConfig.Username == "" || SMTPRelayConfig.Password == "" {
 			return fmt.Errorf("SMTP relay host username or password not set for PLAIN authentication (%s)", c)
 		}
+	} else if SMTPRelayConfig.Auth == "login" {
+		SMTPRelayConfig.Auth = "login"
+		if SMTPRelayConfig.Username == "" || SMTPRelayConfig.Password == "" {
+			return fmt.Errorf("SMTP relay host username or password not set for LOGIN authentication (%s)", c)
+		}
 	} else if strings.HasPrefix(SMTPRelayConfig.Auth, "cram") {
 		SMTPRelayConfig.Auth = "cram-md5"
 		if SMTPRelayConfig.Username == "" || SMTPRelayConfig.Secret == "" {
--- a/server/smtpd/smtp.go
+++ b/server/smtpd/smtp.go
@ -69,6 +69,10 @@ func Send(from string, to []string, msg []byte) error {
 		a = smtp.PlainAuth("", config.SMTPRelayConfig.Username, config.SMTPRelayConfig.Password, config.SMTPRelayConfig.Host)
 	}

+	if config.SMTPRelayConfig.Auth == "login" {
+		a = LoginAuth(config.SMTPRelayConfig.Username, config.SMTPRelayConfig.Password)
+	}
+
 	if config.SMTPRelayConfig.Auth == "cram-md5" {
 		a = smtp.CRAMMD5Auth(config.SMTPRelayConfig.Username, config.SMTPRelayConfig.Secret)
 	}
@ -103,3 +107,33 @@ func Send(from string, to []string, msg []byte) error {

 	return c.Quit()
 }
+
+// Custom implementation of LOGIN SMTP authentication
+// @see https://gist.github.com/andelf/5118732
+type loginAuth struct {
+	username, password string
+}
+
+// LoginAuth authentication
+func LoginAuth(username, password string) smtp.Auth {
+	return &loginAuth{username, password}
+}
+
+func (a *loginAuth) Start(server *smtp.ServerInfo) (string, []byte, error) {
+	return "LOGIN", []byte{}, nil
+}
+
+func (a *loginAuth) Next(fromServer []byte, more bool) ([]byte, error) {
+	if more {
+		switch string(fromServer) {
+		case "Username:":
+			return []byte(a.username), nil
+		case "Password:":
+			return []byte(a.password), nil
+		default:
+			return nil, errors.New("Unknown fromServer")
+		}
+	}
+
+	return nil, nil
+}