From 14d799e750a4b4d89a20dc712f6996e8b5b357d5 Mon Sep 17 00:00:00 2001 From: Gabriel Enrico Date: Tue, 29 Aug 2023 11:37:30 -0400 Subject: [PATCH] fix: Allow Auth over non-TLS SMTP connections (#6402) * fix: Allow Auth over non-TLS SMTP connections * remove unused struct --------- Co-authored-by: Kitsune Co-authored-by: Livio Spring --- .../notification/channels/smtp/channel.go | 4 +++- .../notification/channels/smtp/plain_auth.go | 22 +++++++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 internal/notification/channels/smtp/plain_auth.go diff --git a/internal/notification/channels/smtp/channel.go b/internal/notification/channels/smtp/channel.go index 099bc1d969..5d8542ea3a 100644 --- a/internal/notification/channels/smtp/channel.go +++ b/internal/notification/channels/smtp/channel.go @@ -159,7 +159,9 @@ func (smtpConfig SMTP) smtpAuth(client *smtp.Client, host string) error { return nil } // Auth - auth := smtp.PlainAuth("", smtpConfig.User, smtpConfig.Password, host) + auth := unencryptedAuth{ + smtp.PlainAuth("", smtpConfig.User, smtpConfig.Password, host), + } err := client.Auth(auth) if err != nil { return caos_errs.ThrowInternalf(err, "EMAIL-s9kfs", "could not add smtp auth for user %s", smtpConfig.User) diff --git a/internal/notification/channels/smtp/plain_auth.go b/internal/notification/channels/smtp/plain_auth.go new file mode 100644 index 0000000000..76fde3ec8f --- /dev/null +++ b/internal/notification/channels/smtp/plain_auth.go @@ -0,0 +1,22 @@ +package smtp + +import ( + "net/smtp" +) + +type unencryptedAuth struct { + smtp.Auth +} + +// PlainAuth returns an Auth that implements the PLAIN authentication +// mechanism as defined in RFC 4616. The returned Auth uses the given +// username and password to authenticate to host and act as identity. +// Usually identity should be the empty string, to act as username. +// +// This reimplementation allows it to work over non-TLS connections + +func (a unencryptedAuth) Start(server *smtp.ServerInfo) (string, []byte, error) { + s := *server + s.TLS = true + return a.Auth.Start(&s) +}