go-kit
/
gomail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Dialer.Dial() now automatically uses CRAM-MD5 when it's available 

Also deprecated NewPlainDialer() in favor of NewDialer().

Fixes #52
This commit is contained in:
Alexandre Cesaro 2016-03-06 19:17:01 +01:00
parent 6ea1c86967
commit 5ceb8e6541
6 changed files with 120 additions and 227 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -60,7 +60,7 @@ bypass the verification of the server's certificate chain and host name by using
) )
func main() { func main() {
d := gomail.NewPlainDialer("smtp.example.com", 587, "user", "123456") d := gomail.NewDialer("smtp.example.com", 587, "user", "123456")
d.TLSConfig = &tls.Config{InsecureSkipVerify: true} d.TLSConfig = &tls.Config{InsecureSkipVerify: true}
// Send emails using d. // Send emails using d.

52
auth.go
View File

@ -7,51 +7,33 @@ import (
"net/smtp" "net/smtp"
) )
// plainAuth is an smtp.Auth that implements the PLAIN authentication mechanism. // loginAuth is an smtp.Auth that implements the LOGIN authentication mechanism.
// It fallbacks to the LOGIN mechanism if it is the only mechanism advertised type loginAuth struct {
// by the server.
type plainAuth struct {
username string username string
password string password string
host string host string
login bool
} }
func (a *plainAuth) Start(server *smtp.ServerInfo) (string, []byte, error) { func (a *loginAuth) Start(server *smtp.ServerInfo) (string, []byte, error) {
if !server.TLS {
advertised := false
for _, mechanism := range server.Auth {
if mechanism == "LOGIN" {
advertised = true
break
}
}
if !advertised {
return "", nil, errors.New("gomail: unencrypted connection")
}
}
if server.Name != a.host { if server.Name != a.host {
return "", nil, errors.New("gomail: wrong host name") return "", nil, errors.New("gomail: wrong host name")
} }
return "LOGIN", nil, nil
var plain, login bool
for _, a := range server.Auth {
switch a {
case "PLAIN":
plain = true
case "LOGIN":
login = true
}
}
if !server.TLS && !plain && !login {
return "", nil, errors.New("gomail: unencrypted connection")
}
if !plain && login {
a.login = true
return "LOGIN", nil, nil
}
return "PLAIN", []byte("\x00" + a.username + "\x00" + a.password), nil
} }
func (a *plainAuth) Next(fromServer []byte, more bool) ([]byte, error) { func (a *loginAuth) Next(fromServer []byte, more bool) ([]byte, error) {
if !a.login {
if more {
return nil, errors.New("gomail: unexpected server challenge")
}
return nil, nil
}
if !more { if !more {
return nil, nil return nil, nil
} }

88
auth_test.go
View File

@ -11,103 +11,51 @@ const (
testHost = "smtp.example.com" testHost = "smtp.example.com"
) )
var testAuth = &plainAuth{ type authTest struct {
username: testUser,
password: testPwd,
host: testHost,
}
type plainAuthTest struct {
auths []string auths []string
challenges []string challenges []string
tls bool tls bool
wantProto string
wantData []string wantData []string
wantError bool wantError bool
} }
func TestNoAdvertisement(t *testing.T) { func TestNoAdvertisement(t *testing.T) {
testPlainAuth(t, &plainAuthTest{ testLoginAuth(t, &authTest{
auths: []string{}, auths: []string{},
challenges: []string{"Username:", "Password:"}, tls: false,
tls: false, wantError: true,
wantProto: "PLAIN",
wantError: true,
}) })
} }
func TestNoAdvertisementTLS(t *testing.T) { func TestNoAdvertisementTLS(t *testing.T) {
testPlainAuth(t, &plainAuthTest{ testLoginAuth(t, &authTest{
auths: []string{}, auths: []string{},
challenges: []string{"Username:", "Password:"}, challenges: []string{"Username:", "Password:"},
tls: true, tls: true,
wantProto: "PLAIN", wantData: []string{"", testUser, testPwd},
wantData: []string{"\x00" + testUser + "\x00" + testPwd},
})
}
func TestPlain(t *testing.T) {
testPlainAuth(t, &plainAuthTest{
auths: []string{"PLAIN"},
challenges: []string{"Username:", "Password:"},
tls: false,
wantProto: "PLAIN",
wantData: []string{"\x00" + testUser + "\x00" + testPwd},
})
}
func TestPlainTLS(t *testing.T) {
testPlainAuth(t, &plainAuthTest{
auths: []string{"PLAIN"},
challenges: []string{"Username:", "Password:"},
tls: true,
wantProto: "PLAIN",
wantData: []string{"\x00" + testUser + "\x00" + testPwd},
})
}
func TestPlainAndLogin(t *testing.T) {
testPlainAuth(t, &plainAuthTest{
auths: []string{"PLAIN", "LOGIN"},
challenges: []string{"Username:", "Password:"},
tls: false,
wantProto: "PLAIN",
wantData: []string{"\x00" + testUser + "\x00" + testPwd},
})
}
func TestPlainAndLoginTLS(t *testing.T) {
testPlainAuth(t, &plainAuthTest{
auths: []string{"PLAIN", "LOGIN"},
challenges: []string{"Username:", "Password:"},
tls: true,
wantProto: "PLAIN",
wantData: []string{"\x00" + testUser + "\x00" + testPwd},
}) })
} }
func TestLogin(t *testing.T) { func TestLogin(t *testing.T) {
testPlainAuth(t, &plainAuthTest{ testLoginAuth(t, &authTest{
auths: []string{"LOGIN"}, auths: []string{"PLAIN", "LOGIN"},
challenges: []string{"Username:", "Password:"}, challenges: []string{"Username:", "Password:"},
tls: false, tls: false,
wantProto: "LOGIN",
wantData: []string{"", testUser, testPwd}, wantData: []string{"", testUser, testPwd},
}) })
} }
func TestLoginTLS(t *testing.T) { func TestLoginTLS(t *testing.T) {
testPlainAuth(t, &plainAuthTest{ testLoginAuth(t, &authTest{
auths: []string{"LOGIN"}, auths: []string{"LOGIN"},
challenges: []string{"Username:", "Password:"}, challenges: []string{"Username:", "Password:"},
tls: true, tls: true,
wantProto: "LOGIN",
wantData: []string{"", testUser, testPwd}, wantData: []string{"", testUser, testPwd},
}) })
} }
func testPlainAuth(t *testing.T, test *plainAuthTest) { func testLoginAuth(t *testing.T, test *authTest) {
auth := &plainAuth{ auth := &loginAuth{
username: testUser, username: testUser,
password: testPwd, password: testPwd,
host: testHost, host: testHost,
@ -119,13 +67,13 @@ func testPlainAuth(t *testing.T, test *plainAuthTest) {
} }
proto, toServer, err := auth.Start(server) proto, toServer, err := auth.Start(server)
if err != nil && !test.wantError { if err != nil && !test.wantError {
t.Fatalf("plainAuth.Start(): %v", err) t.Fatalf("loginAuth.Start(): %v", err)
} }
if err != nil && test.wantError { if err != nil && test.wantError {
return return
} }
if proto != test.wantProto { if proto != "LOGIN" {
t.Errorf("invalid protocol, got %q, want %q", proto, test.wantProto) t.Errorf("invalid protocol, got %q, want LOGIN", proto)
} }
i := 0 i := 0
@ -134,10 +82,6 @@ func testPlainAuth(t *testing.T, test *plainAuthTest) {
t.Errorf("Invalid response, got %q, want %q", got, test.wantData[i]) t.Errorf("Invalid response, got %q, want %q", got, test.wantData[i])
} }
if proto == "PLAIN" {
return
}
for _, challenge := range test.challenges { for _, challenge := range test.challenges {
i++ i++
if i >= len(test.wantData) { if i >= len(test.wantData) {
@ -146,7 +90,7 @@ func testPlainAuth(t *testing.T, test *plainAuthTest) {
toServer, err = auth.Next([]byte(challenge), true) toServer, err = auth.Next([]byte(challenge), true)
if err != nil { if err != nil {
t.Fatalf("plainAuth.Auth(): %v", err) t.Fatalf("loginAuth.Auth(): %v", err)
} }
got = string(toServer) got = string(toServer)
if got != test.wantData[i] { if got != test.wantData[i] {

25
example_test.go
View File

@ -5,7 +5,6 @@ import (
"html/template" "html/template"
"io" "io"
"log" "log"
"net/smtp"
"time" "time"
"gopkg.in/gomail.v2" "gopkg.in/gomail.v2"
@ -20,7 +19,7 @@ func Example() {
m.SetBody("text/html", "Hello <b>Bob</b> and <i>Cora</i>!") m.SetBody("text/html", "Hello <b>Bob</b> and <i>Cora</i>!")
m.Attach("/home/Alex/lolcat.jpg") m.Attach("/home/Alex/lolcat.jpg")
d := gomail.NewPlainDialer("smtp.example.com", 587, "user", "123456") d := gomail.NewDialer("smtp.example.com", 587, "user", "123456")
// Send the email to Bob, Cora and Dan. // Send the email to Bob, Cora and Dan.
if err := d.DialAndSend(m); err != nil { if err := d.DialAndSend(m); err != nil {
@ -33,7 +32,7 @@ func Example_daemon() {
ch := make(chan *gomail.Message) ch := make(chan *gomail.Message)
go func() { go func() {
d := gomail.NewPlainDialer("smtp.example.com", 587, "user", "123456") d := gomail.NewDialer("smtp.example.com", 587, "user", "123456")
var s gomail.SendCloser var s gomail.SendCloser
var err error var err error
@ -80,7 +79,7 @@ func Example_newsletter() {
Address string Address string
} }
d := gomail.NewPlainDialer("smtp.example.com", 587, "user", "123456") d := gomail.NewDialer("smtp.example.com", 587, "user", "123456")
s, err := d.Dial() s, err := d.Dial()
if err != nil { if err != nil {
panic(err) panic(err)
@ -114,24 +113,6 @@ func Example_noAuth() {
} }
} }
// Send an email using the CRAM-MD5 authentication mechanism.
func Example_cRAMMD5() {
m := gomail.NewMessage()
m.SetHeader("From", "from@example.com")
m.SetHeader("To", "to@example.com")
m.SetHeader("Subject", "Hello!")
m.SetBody("text/plain", "Hello!")
d := gomail.Dialer{
Host: "localhost",
Port: 587,
Auth: smtp.CRAMMD5Auth("username", "secret"),
}
if err := d.DialAndSend(m); err != nil {
panic(err)
}
}
// Send an email using an API or postfix. // Send an email using an API or postfix.
func Example_noSMTP() { func Example_noSMTP() {
m := gomail.NewMessage() m := gomail.NewMessage()

126
smtp.go
View File

@ -6,6 +6,7 @@ import (
"io" "io"
"net" "net"
"net/smtp" "net/smtp"
"strings"
) )
// A Dialer is a dialer to an SMTP server. // A Dialer is a dialer to an SMTP server.
@ -14,6 +15,10 @@ type Dialer struct {
Host string Host string
// Port represents the port of the SMTP server. // Port represents the port of the SMTP server.
Port int Port int
// Username is the username to use to authenticate to the SMTP server.
Username string
// Password is the password to use to authenticate to the SMTP server.
Password string
// Auth represents the authentication mechanism used to authenticate to the // Auth represents the authentication mechanism used to authenticate to the
// SMTP server. // SMTP server.
Auth smtp.Auth Auth smtp.Auth
@ -29,98 +34,89 @@ type Dialer struct {
LocalName string LocalName string
} }
// NewPlainDialer returns a Dialer. The given parameters are used to connect to // NewDialer returns a new SMTP Dialer. The given parameters are used to connect
// the SMTP server via a PLAIN authentication mechanism. // to the SMTP server.
// func NewDialer(host string, port int, username, password string) *Dialer {
// It fallbacks to the LOGIN mechanism if it is the only mechanism advertised by
// the server.
func NewPlainDialer(host string, port int, username, password string) *Dialer {
return &Dialer{ return &Dialer{
Host: host, Host: host,
Port: port, Port: port,
Auth: &plainAuth{ Username: username,
username: username, Password: password,
password: password, SSL: port == 465,
host: host,
},
SSL: port == 465,
} }
} }
// NewPlainDialer returns a new SMTP Dialer. The given parameters are used to
// connect to the SMTP server.
//
// Deprecated: Use NewDialer instead.
func NewPlainDialer(host string, port int, username, password string) *Dialer {
return NewDialer(host, port, username, password)
}
// Dial dials and authenticates to an SMTP server. The returned SendCloser // Dial dials and authenticates to an SMTP server. The returned SendCloser
// should be closed when done using it. // should be closed when done using it.
func (d *Dialer) Dial() (SendCloser, error) { func (d *Dialer) Dial() (SendCloser, error) {
c, err := d.dial() conn, err := netDial("tcp", addr(d.Host, d.Port))
if err != nil { if err != nil {
return nil, err return nil, err
} }
if d.Auth != nil { if d.SSL {
if ok, _ := c.Extension("AUTH"); ok { conn = tlsClient(conn, d.tlsConfig())
if err = c.Auth(d.Auth); err != nil { }
c, err := smtpNewClient(conn, d.Host)
if err != nil {
return nil, err
}
if d.LocalName != "" {
if err := c.Hello(d.LocalName); err != nil {
return nil, err
}
}
if !d.SSL {
if ok, _ := c.Extension("STARTTLS"); ok {
if err := c.StartTLS(d.tlsConfig()); err != nil {
c.Close() c.Close()
return nil, err return nil, err
} }
} }
} }
return &smtpSender{c}, nil if d.Auth == nil && d.Username != "" {
} if ok, auths := c.Extension("AUTH"); ok {
if strings.Contains(auths, "CRAM-MD5") {
func (d *Dialer) dial() (smtpClient, error) { d.Auth = smtp.CRAMMD5Auth(d.Username, d.Password)
if d.SSL { } else if strings.Contains(auths, "LOGIN") &&
return d.sslDial() !strings.Contains(auths, "PLAIN") {
} d.Auth = &loginAuth{
return d.starttlsDial() username: d.Username,
} password: d.Password,
host: d.Host,
func (d *Dialer) starttlsDial() (smtpClient, error) { }
c, err := smtpDial(addr(d.Host, d.Port)) } else {
if err != nil { d.Auth = smtp.PlainAuth("", d.Username, d.Password, d.Host)
return nil, err }
}
if d.LocalName != "" {
if err := c.Hello(d.LocalName); err != nil {
return nil, err
} }
} }
if ok, _ := c.Extension("STARTTLS"); ok { if d.Auth != nil {
if err := c.StartTLS(d.tlsConfig()); err != nil { if err = c.Auth(d.Auth); err != nil {
c.Close() c.Close()
return nil, err return nil, err
} }
} }
return c, nil return &smtpSender{c}, nil
}
func (d *Dialer) sslDial() (smtpClient, error) {
conn, err := tlsDial("tcp", addr(d.Host, d.Port), d.tlsConfig())
if err != nil {
return nil, err
}
c, err := newClient(conn, d.Host)
if err != nil {
return nil, err
}
if d.LocalName != "" {
if err := c.Hello(d.LocalName); err != nil {
return nil, err
}
}
return c, nil
} }
func (d *Dialer) tlsConfig() *tls.Config { func (d *Dialer) tlsConfig() *tls.Config {
if d.TLSConfig == nil { if d.TLSConfig == nil {
return &tls.Config{ServerName: d.Host} return &tls.Config{ServerName: d.Host}
} }
return d.TLSConfig return d.TLSConfig
} }
@ -174,11 +170,9 @@ func (c *smtpSender) Close() error {
// Stubbed out for tests. // Stubbed out for tests.
var ( var (
smtpDial = func(addr string) (smtpClient, error) { netDial = net.Dial
return smtp.Dial(addr) tlsClient = tls.Client
} smtpNewClient = func(conn net.Conn, host string) (smtpClient, error) {
tlsDial = tls.Dial
newClient = func(conn net.Conn, host string) (smtpClient, error) {
return smtp.NewClient(conn, host) return smtp.NewClient(conn, host)
} }
) )

54
smtp_test.go
View File

@ -16,12 +16,14 @@ const (
) )
var ( var (
testConn = &net.TCPConn{}
testTLSConn = &tls.Conn{} testTLSConn = &tls.Conn{}
testConfig = &tls.Config{InsecureSkipVerify: true} testConfig = &tls.Config{InsecureSkipVerify: true}
testAuth = smtp.PlainAuth("", testUser, testPwd, testHost)
) )
func TestDialer(t *testing.T) { func TestDialer(t *testing.T) {
d := NewPlainDialer(testHost, testPort, "user", "pwd") d := NewDialer(testHost, testPort, "user", "pwd")
testSendMail(t, d, []string{ testSendMail(t, d, []string{
"Extension STARTTLS", "Extension STARTTLS",
"StartTLS", "StartTLS",
@ -39,7 +41,7 @@ func TestDialer(t *testing.T) {
} }
func TestDialerSSL(t *testing.T) { func TestDialerSSL(t *testing.T) {
d := NewPlainDialer(testHost, testSSLPort, "user", "pwd") d := NewDialer(testHost, testSSLPort, "user", "pwd")
testSendMail(t, d, []string{ testSendMail(t, d, []string{
"Extension AUTH", "Extension AUTH",
"Auth", "Auth",
@ -55,7 +57,7 @@ func TestDialerSSL(t *testing.T) {
} }
func TestDialerConfig(t *testing.T) { func TestDialerConfig(t *testing.T) {
d := NewPlainDialer(testHost, testPort, "user", "pwd") d := NewDialer(testHost, testPort, "user", "pwd")
d.LocalName = "test" d.LocalName = "test"
d.TLSConfig = testConfig d.TLSConfig = testConfig
testSendMail(t, d, []string{ testSendMail(t, d, []string{
@ -76,7 +78,7 @@ func TestDialerConfig(t *testing.T) {
} }
func TestDialerSSLConfig(t *testing.T) { func TestDialerSSLConfig(t *testing.T) {
d := NewPlainDialer(testHost, testSSLPort, "user", "pwd") d := NewDialer(testHost, testSSLPort, "user", "pwd")
d.LocalName = "test" d.LocalName = "test"
d.TLSConfig = testConfig d.TLSConfig = testConfig
testSendMail(t, d, []string{ testSendMail(t, d, []string{
@ -118,7 +120,6 @@ type mockClient struct {
i int i int
want []string want []string
addr string addr string
auth smtp.Auth
config *tls.Config config *tls.Config
} }
@ -139,7 +140,9 @@ func (c *mockClient) StartTLS(config *tls.Config) error {
} }
func (c *mockClient) Auth(a smtp.Auth) error { func (c *mockClient) Auth(a smtp.Auth) error {
assertAuth(c.t, a, c.auth) if !reflect.DeepEqual(a, testAuth) {
c.t.Errorf("Invalid auth, got %#v, want %#v", a, testAuth)
}
c.do("Auth") c.do("Auth")
return nil return nil
} }
@ -205,28 +208,29 @@ func testSendMail(t *testing.T, d *Dialer, want []string) {
t: t, t: t,
want: want, want: want,
addr: addr(d.Host, d.Port), addr: addr(d.Host, d.Port),
auth: testAuth,
config: d.TLSConfig, config: d.TLSConfig,
} }
smtpDial = func(addr string) (smtpClient, error) { netDial = func(network, address string) (net.Conn, error) {
assertAddr(t, addr, testClient.addr)
return testClient, nil
}
tlsDial = func(network, addr string, config *tls.Config) (*tls.Conn, error) {
if network != "tcp" { if network != "tcp" {
t.Errorf("Invalid network, got %q, want tcp", network) t.Errorf("Invalid network, got %q, want tcp", network)
} }
assertAddr(t, addr, testClient.addr) if address != testClient.addr {
assertConfig(t, config, testClient.config) t.Errorf("Invalid address, got %q, want %q",
return testTLSConn, nil address, testClient.addr)
}
return testConn, nil
} }
newClient = func(conn net.Conn, host string) (smtpClient, error) { tlsClient = func(conn net.Conn, config *tls.Config) *tls.Conn {
if conn != testTLSConn { if conn != testConn {
t.Error("Invalid TLS connection used") t.Errorf("Invalid conn, got %#v, want %#v", conn, testConn)
} }
assertConfig(t, config, testClient.config)
return testTLSConn
}
smtpNewClient = func(conn net.Conn, host string) (smtpClient, error) {
if host != testHost { if host != testHost {
t.Errorf("Invalid host, got %q, want %q", host, testHost) t.Errorf("Invalid host, got %q, want %q", host, testHost)
} }
@ -238,18 +242,6 @@ func testSendMail(t *testing.T, d *Dialer, want []string) {
} }
} }
func assertAuth(t *testing.T, got, want smtp.Auth) {
if !reflect.DeepEqual(got, want) {
t.Errorf("Invalid auth, got %#v, want %#v", got, want)
}
}
func assertAddr(t *testing.T, got, want string) {
if got != want {
t.Errorf("Invalid addr, got %q, want %q", got, want)
}
}
func assertConfig(t *testing.T, got, want *tls.Config) { func assertConfig(t *testing.T, got, want *tls.Config) {
if want == nil { if want == nil {
want = &tls.Config{ServerName: testHost} want = &tls.Config{ServerName: testHost}