From 968926f6c9bc6938e630738e580ecea86ad555b3 Mon Sep 17 00:00:00 2001 From: Simon Ser Date: Thu, 28 Mar 2024 16:35:16 +0100 Subject: [PATCH] Drop Session.AuthPlain Server backends now need to implement the AuthSession interface if they want to enable SASL PLAIN authentication. --- backend.go | 3 --- backendutil/transform.go | 15 +++++++++++++-- backendutil/transform_test.go | 22 ++++++++++++++++------ conn.go | 20 ++------------------ server_test.go | 24 ++++++++++++++++++------ 5 files changed, 49 insertions(+), 35 deletions(-) diff --git a/backend.go b/backend.go index e2deb58e..f1beb203 100644 --- a/backend.go +++ b/backend.go @@ -55,9 +55,6 @@ type Session interface { // Free all resources associated with session. Logout() error - // Authenticate the user using SASL PLAIN. - AuthPlain(username, password string) error - // Set return path for currently processed message. Mail(from string, opts *MailOptions) error // Add recipient for currently processed message. diff --git a/backendutil/transform.go b/backendutil/transform.go index b3ce429f..93454c47 100755 --- a/backendutil/transform.go +++ b/backendutil/transform.go @@ -3,6 +3,7 @@ package backendutil import ( "io" + "github.com/emersion/go-sasl" "github.com/emersion/go-smtp" ) @@ -33,8 +34,18 @@ func (s *transformSession) Reset() { s.Session.Reset() } -func (s *transformSession) AuthPlain(username, password string) error { - return s.Session.AuthPlain(username, password) +func (s *transformSession) AuthMechanisms() []string { + if authSession, ok := s.Session.(smtp.AuthSession); ok { + return authSession.AuthMechanisms() + } + return nil +} + +func (s *transformSession) Auth(mech string) (sasl.Server, error) { + if authSession, ok := s.Session.(smtp.AuthSession); ok { + return authSession.Auth(mech) + } + return nil, smtp.ErrAuthUnsupported } func (s *transformSession) Mail(from string, opts *smtp.MailOptions) error { diff --git a/backendutil/transform_test.go b/backendutil/transform_test.go index 0c742c13..123df134 100755 --- a/backendutil/transform_test.go +++ b/backendutil/transform_test.go @@ -10,6 +10,7 @@ import ( "strings" "testing" + "github.com/emersion/go-sasl" "github.com/emersion/go-smtp" "github.com/emersion/go-smtp/backendutil" ) @@ -48,12 +49,21 @@ func (s *session) Logout() error { return nil } -func (s *session) AuthPlain(username, password string) error { - if username != "username" || password != "password" { - return errors.New("Invalid username or password") - } - s.anonymous = false - return nil +func (s *session) AuthMechanisms() []string { + return []string{sasl.Plain} +} + +func (s *session) Auth(mech string) (sasl.Server, error) { + return sasl.NewPlainServer(func(identity, username, password string) error { + if identity != "" && identity != username { + return errors.New("Invalid identity") + } + if username != "username" || password != "password" { + return errors.New("Invalid username or password") + } + s.anonymous = false + return nil + }), nil } func (s *session) Mail(from string, opts *smtp.MailOptions) error { diff --git a/conn.go b/conn.go index 9ea7290b..ae2c6c20 100644 --- a/conn.go +++ b/conn.go @@ -856,30 +856,14 @@ func (c *Conn) authMechanisms() []string { if authSession, ok := c.Session().(AuthSession); ok { return authSession.AuthMechanisms() } - return []string{sasl.Plain} + return nil } func (c *Conn) auth(mech string) (sasl.Server, error) { if authSession, ok := c.Session().(AuthSession); ok { return authSession.Auth(mech) } - - if mech != sasl.Plain { - return nil, ErrAuthUnknownMechanism - } - - return sasl.NewPlainServer(func(identity, username, password string) error { - if identity != "" && identity != username { - return errors.New("identities not supported") - } - - sess := c.Session() - if sess == nil { - panic("No session when AUTH is called") - } - - return sess.AuthPlain(username, password) - }), nil + return nil, ErrAuthUnknownMechanism } func (c *Conn) handleStartTLS() { diff --git a/server_test.go b/server_test.go index 4e0fc2fb..03243fb4 100644 --- a/server_test.go +++ b/server_test.go @@ -12,6 +12,7 @@ import ( "strings" "testing" + "github.com/emersion/go-sasl" "github.com/emersion/go-smtp" ) @@ -66,12 +67,23 @@ type session struct { msg *message } -func (s *session) AuthPlain(username, password string) error { - if username != "username" || password != "password" { - return errors.New("Invalid username or password") - } - s.anonymous = false - return nil +var _ smtp.AuthSession = (*session)(nil) + +func (s *session) AuthMechanisms() []string { + return []string{sasl.Plain} +} + +func (s *session) Auth(mech string) (sasl.Server, error) { + return sasl.NewPlainServer(func(identity, username, password string) error { + if identity != "" && identity != username { + return errors.New("Invalid identity") + } + if username != "username" || password != "password" { + return errors.New("Invalid username or password") + } + s.anonymous = false + return nil + }), nil } func (s *session) Reset() {