fix: smtp login

Author: ItsNotGoodName

internal/app/app.go

@@ -117,6 +117,10 @@ func New(
 
 var ErrorLogin = fmt.Errorf("login invalid")
 
+func (a App) AuthSMTPAnonymous() bool {
+	return a.config.AuthSMTP.Anonymous
+}
+
 // AuthHTTPAnonymous checks if anonymous access is allowed.
 func (a App) AuthHTTPAnonymous() bool {
 	return a.config.AuthHTTP.Anonymous

internal/core/app.go

@@ -23,31 +23,32 @@ type App interface {
 	AttachmentOrphanDelete(ctx context.Context, tracer trace.Tracer) error
 	AuthHTTPAnonymous() bool
 	AuthHTTPLogin(ctx context.Context, username, password string) (models.User, error)
+	AuthSMTPAnonymous() bool
 	AuthSMTPLogin(ctx context.Context, username, password string) error
 	EndpointList(ctx context.Context) ([]models.Endpoint, error)
 	EndpointTest(ctx context.Context, id int64) error
+	EnvelopeCount(ctx context.Context) (int, error)
 	EnvelopeCreate(ctx context.Context, msg models.DTOMessageCreate, datts []models.DTOAttachmentCreate) (int64, error)
 	EnvelopeDelete(ctx context.Context, id int64) error
 	EnvelopeDrop(ctx context.Context) error
 	EnvelopeGet(ctx context.Context, id int64) (models.Envelope, error)
 	EnvelopeList(ctx context.Context, page pagination.Page, req models.DTOEnvelopeListRequest) (models.DTOEnvelopeListResult, error)
 	EnvelopeSend(ctx context.Context, envelopeID int64, endpointID int64) error
-	EnvelopeCount(ctx context.Context) (int, error)
+	MailmanDequeue(ctx context.Context) (*models.Envelope, error)
+	MailmanEnqueue(ctx context.Context, envelopeID int64) error
 	MessageHTMLGet(ctx context.Context, id int64) (string, error)
 	RetentionPolicyGet(ctx context.Context) models.ConfigRetentionPolicy
 	RetentionPolicyRun(ctx context.Context, trace trace.Tracer) error
 	RuleCreate(ctx context.Context, req models.DTORuleCreate) (int64, error)
 	RuleDelete(ctx context.Context, id int64) error
+	RuleEndpointsGet(ctx context.Context, id int64) (models.RuleEndpoints, error)
 	RuleEndpointsList(ctx context.Context) ([]models.RuleEndpoints, error)
 	RuleExpressionCheck(ctx context.Context, expression string) error
 	RuleGet(ctx context.Context, id int64) (models.Rule, error)
-	RuleEndpointsGet(ctx context.Context, id int64) (models.RuleEndpoints, error)
 	RuleList(ctx context.Context) ([]models.Rule, error)
 	RuleUpdate(ctx context.Context, req models.DTORuleUpdate) error
 	StorageGet(ctx context.Context) (models.Storage, error)
 	TraceDrop(ctx context.Context) error
 	TraceList(ctx context.Context, page pagination.Page, req models.DTOTraceListRequest) (models.DTOTraceListResult, error)
 	Tracer(source string) trace.Tracer
-	MailmanEnqueue(ctx context.Context, envelopeID int64) error
-	MailmanDequeue(ctx context.Context) (*models.Envelope, error)
 }

smtp/backend.go

@@ -3,6 +3,7 @@ package smtp
 import (
 	"bytes"
 	"context"
+	"fmt"
 	"io"
 	"net/mail"
 
@@ -34,8 +35,11 @@ func (b *Backend) NewSession(state *smtp.Conn) (smtp.Session, error) {
 	tracer := b.app.Tracer(trace.SourceSMTP).Sticky(trace.WithAddress(address))
 	log := b.log.With().Str("address", address).Logger()
 
+	// log.Debug().Msg("NewSession")
+
 	return &session{
 		app:     b.app,
+		auth:    b.app.AuthSMTPAnonymous(),
 		log:     log,
 		tracer:  tracer,
 		address: address,
@@ -44,6 +48,7 @@ func (b *Backend) NewSession(state *smtp.Conn) (smtp.Session, error) {
 
 // A Session is returned after EHLO.
 type session struct {
+	auth    bool
 	app     core.App
 	log     zerolog.Logger
 	tracer  trace.Tracer
@@ -53,22 +58,44 @@ type session struct {
 }
 
 func (s *session) AuthPlain(username, password string) error {
-	return s.app.AuthSMTPLogin(context.Background(), username, password)
+	// s.log.Debug().Str("username", username).Str("password", password).Msg("AuthPlain")
+	err := s.app.AuthSMTPLogin(context.Background(), username, password)
+	if err != nil {
+		return smtp.ErrAuthFailed
+	}
+
+	s.auth = true
+	fmt.Println("1.1", s.auth)
+
+	return nil
 }
 
 func (s *session) Mail(from string, opts *smtp.MailOptions) error {
+	// s.log.Debug().Str("from", from).Msg("Mail")
+	if !s.auth {
+		return smtp.ErrAuthRequired
+	}
 	// log.Println("Mail from:", from)
 	s.from = from
 	return nil
 }
 
 func (s *session) Rcpt(to string, opts *smtp.RcptOptions) error {
+	// s.log.Debug().Str("to", to).Msg("Rcpt")
+	if !s.auth {
+		return smtp.ErrAuthRequired
+	}
 	// log.Println("Rcpt to:", to)
 	s.to = to
 	return nil
 }
 
 func (s *session) Data(r io.Reader) error {
+	// s.log.Debug().Msg("Data")
+	if !s.auth {
+		return smtp.ErrAuthRequired
+	}
+
 	e, err := enmime.ReadEnvelope(r)
 	if err != nil {
 		log.Error().Err(err).Msg("Failed to read envelope")
@@ -127,8 +154,11 @@ func (s *session) Data(r io.Reader) error {
 	return nil
 }
 
-func (s *session) Reset() {}
+func (s *session) Reset() {
+	// s.log.Debug().Msg("Reset")
+}
 
 func (s *session) Logout() error {
+	// s.log.Debug().Msg("Logout")
 	return nil
 }

smtp/utils.go

@@ -10,12 +10,12 @@ func enableMechLogin(be smtp.Backend, s *smtp.Server) {
 	// Adapted from https://github.com/emersion/go-smtp/issues/41#issuecomment-493601465
 	s.EnableAuth(sasl.Login, func(conn *smtp.Conn) sasl.Server {
 		return sasl.NewLoginServer(func(username, password string) error {
-			session, err := be.NewSession(conn)
-			if err != nil {
-				return err
+			sess := conn.Session()
+			if sess == nil {
+				panic("No session when AUTH is called")
 			}
 
-			return session.AuthPlain(username, password)
+			return sess.AuthPlain(username, password)
 		})
 	})
 }