mirror of
https://github.com/foxcpp/maddy.git
synced 2025-04-04 21:47:40 +03:00
78e4600a17
1. go-smtp is replaced by a fork that reverts StartTLS removal. 2. SASL LOGIN is no longer supported by upstream go-sasl, readded disabled by default. 3. Updated endpoint code to match new go-smtp authentication interfaces. 4. certmagic repo had some renames 5. Minimum Go version increased to 1.23 to match dependencies.
54 lines
1.4 KiB
Go
54 lines
1.4 KiB
Go
package sasllogin
|
|
|
|
import "github.com/emersion/go-sasl"
|
|
|
|
// Copy-pasted from old emersion/go-sasl version
|
|
|
|
// Authenticates users with an username and a password.
|
|
type LoginAuthenticator func(username, password string) error
|
|
type loginState int
|
|
|
|
const (
|
|
loginNotStarted loginState = iota
|
|
loginWaitingUsername
|
|
loginWaitingPassword
|
|
)
|
|
|
|
type loginServer struct {
|
|
state loginState
|
|
username, password string
|
|
authenticate LoginAuthenticator
|
|
}
|
|
|
|
// A server implementation of the LOGIN authentication mechanism, as described
|
|
// in https://tools.ietf.org/html/draft-murchison-sasl-login-00.
|
|
//
|
|
// LOGIN is obsolete and should only be enabled for legacy clients that cannot
|
|
// be updated to use PLAIN.
|
|
func NewLoginServer(authenticator LoginAuthenticator) sasl.Server {
|
|
return &loginServer{authenticate: authenticator}
|
|
}
|
|
|
|
func (a *loginServer) Next(response []byte) (challenge []byte, done bool, err error) {
|
|
switch a.state {
|
|
case loginNotStarted:
|
|
// Check for initial response field, as per RFC4422 section 3
|
|
if response == nil {
|
|
challenge = []byte("Username:")
|
|
break
|
|
}
|
|
a.state++
|
|
fallthrough
|
|
case loginWaitingUsername:
|
|
a.username = string(response)
|
|
challenge = []byte("Password:")
|
|
case loginWaitingPassword:
|
|
a.password = string(response)
|
|
err = a.authenticate(a.username, a.password)
|
|
done = true
|
|
default:
|
|
err = sasl.ErrUnexpectedClientResponse
|
|
}
|
|
a.state++
|
|
return
|
|
}
|