mirror of
https://github.com/mjl-/mox.git
synced 2024-12-27 08:53:48 +03:00
for the smtp login method, use challenges "Username:" and "Password:" as attempt to improve interoperability
there is only an internet-draft about the required behaviour. it says clients should ignore the strings. some clients do check the string. most servers appear to use "Username:" and "Password:" as challenge. we'll follow them, hoping to improve interoperability. for issue #223 by gdunstone, and with analysis from wneessen of go-mail. thanks!
This commit is contained in:
parent
bbc419c6ab
commit
7ecc3f68ce
1 changed files with 4 additions and 3 deletions
|
@ -1136,16 +1136,17 @@ func (c *conn) cmdAuth(p *parser) {
|
||||||
|
|
||||||
// Read user name. The I-D says the client should ignore the server challenge, but
|
// Read user name. The I-D says the client should ignore the server challenge, but
|
||||||
// also that some clients may require challenge "Username:" instead of "User
|
// also that some clients may require challenge "Username:" instead of "User
|
||||||
// Name". We can't sent both...
|
// Name". We can't sent both... Servers most commonly return "Username:" and
|
||||||
|
// "Password:", so we do the same.
|
||||||
// I-D says maximum length must be 64 bytes. We allow more, for long user names
|
// I-D says maximum length must be 64 bytes. We allow more, for long user names
|
||||||
// (domains).
|
// (domains).
|
||||||
encChal := base64.StdEncoding.EncodeToString([]byte("User Name"))
|
encChal := base64.StdEncoding.EncodeToString([]byte("Username:"))
|
||||||
username := string(xreadInitial(encChal))
|
username := string(xreadInitial(encChal))
|
||||||
username = norm.NFC.String(username)
|
username = norm.NFC.String(username)
|
||||||
|
|
||||||
// Again, client should ignore the challenge, we send the same as the example in
|
// Again, client should ignore the challenge, we send the same as the example in
|
||||||
// the I-D.
|
// the I-D.
|
||||||
c.writelinef("%d %s", smtp.C334ContinueAuth, base64.StdEncoding.EncodeToString([]byte("Password")))
|
c.writelinef("%d %s", smtp.C334ContinueAuth, base64.StdEncoding.EncodeToString([]byte("Password:")))
|
||||||
|
|
||||||
// Password is in line in plain text, so hide it.
|
// Password is in line in plain text, so hide it.
|
||||||
defer c.xtrace(mlog.LevelTraceauth)()
|
defer c.xtrace(mlog.LevelTraceauth)()
|
||||||
|
|
Loading…
Reference in a new issue