lupine/crockery
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Forbid logins on the SMTP-STARTTLS port

Browse Source 
Also, introduce the outline of a framework to handle message sending
differently to message receipt.
This commit is contained in:
Nick Thomas
2018-03-06 01:32:06 +00:00
parent bf9df9fc9f
commit 697e90ab99
4 changed files with 71 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
internal/smtp/receiver.go Normal file
View File

@@ -0,0 +1,20 @@
package smtp
import (
"fmt"
"io"
)
type Receiver struct{}
func (r *Receiver) Name() string {
return "smtp-starttls"
}
// It seems odd to have a Receiver called Send, but what we're looking for is an
// attempt from an arbitrary source to send an email to known accounts.
//
// We might want to clean this interface
func (r *Receiver) Send(from string, to []string, reader io.Reader) error {
return fmt.Errorf("Not yet implemented")
}

21
internal/smtp/sender.go Normal file
View File

@@ -0,0 +1,21 @@
package smtp
import (
"fmt"
"io"
)
type Sender struct{}
func (s *Sender) Name() string {
return "submission-starttls"
}
// We're looking for the email to be from a logged-in account, to anywhere
// on the internet - including locally!
//
// Should we handle local delivery differently to remote delivery, or connect
// to ourselves, i.e., from submission, to smtp?
func (s *Sender) Send(from string, to []string, reader io.Reader) error {
return fmt.Errorf("Not yet implemented")
}

25
internal/smtp/server.go
View File

@@ -29,10 +29,11 @@ func NewServer(cancel context.CancelFunc, datastore store.Interface, submission
out.server.TLSConfig = datastore.TLSConfig() out.server.TLSConfig = datastore.TLSConfig()
if submission { if submission {
out.name = "submission" out.handler = &Sender{}
out.server.Addr = ":587" out.server.Addr = ":587"
out.allowLogin = true // Only allow login on submission ports
} else { } else {
out.name = "SMTP" out.handler = &Receiver{}
out.server.Addr = ":25" out.server.Addr = ":25"
} }
@@ -40,10 +41,12 @@ func NewServer(cancel context.CancelFunc, datastore store.Interface, submission
} }
type concrete struct { type concrete struct {
name string name string
cancel context.CancelFunc cancel context.CancelFunc
store store.Interface store store.Interface
server *smtp.Server server *smtp.Server
handler Handler
allowLogin bool
// Session IDs // Session IDs
sid uint64 sid uint64
@@ -61,6 +64,10 @@ func (c *concrete) Run() {
// backend implementation for go-smtp // backend implementation for go-smtp
func (c *concrete) Login(user, pass string) (smtp.User, error) { func (c *concrete) Login(user, pass string) (smtp.User, error) {
if !c.allowLogin {
return nil, fmt.Errorf("Login is disabled")
}
account, err := c.store.FindAccountWithPassword(user, pass) account, err := c.store.FindAccountWithPassword(user, pass)
if err != nil { if err != nil {
// Lo the real error, but don't show it to the end user // Lo the real error, but don't show it to the end user
@@ -69,9 +76,9 @@ func (c *concrete) Login(user, pass string) (smtp.User, error) {
} }
session := &Session{ session := &Session{
ID: atomic.AddUint64(&c.sid, uint64(1)), ID: atomic.AddUint64(&c.sid, uint64(1)),
Account: account, Account: account,
ServiceName: c.name, Handler: c.handler,
} }
log.Printf("Beginning %s session %d for %s", c.name, session.ID, user) log.Printf("Beginning %s session %d for %s", c.name, session.ID, user)

21
internal/smtp/session.go
View File

@@ -1,7 +1,7 @@
package smtp package smtp
import ( import (
"fmt" "bytes"
"io" "io"
"io/ioutil" "io/ioutil"
"log" "log"
@@ -9,26 +9,33 @@ import (
"ur.gs/crockery/internal/store" "ur.gs/crockery/internal/store"
) )
type Handler interface {
Name() string
Send(from string, to []string, r io.Reader) error
}
// type Session implements the User interface for emersion/go-smtp // type Session implements the User interface for emersion/go-smtp
type Session struct { type Session struct {
ID uint64 ID uint64
Account *store.Account Account *store.Account
ServiceName string Handler Handler
} }
func (s *Session) Send(from string, to []string, r io.Reader) error { func (s *Session) Send(from string, to []string, r io.Reader) error {
// FIXME: TODO: don't keep this lot forever, it's for debugging purposes
data, err := ioutil.ReadAll(r) data, err := ioutil.ReadAll(r)
if err != nil { if err != nil {
return err return err
} }
log.Printf("%s session %d for %s: from=%s, to=%s, r=<<EOF\n%s\nEOF", s.ServiceName, s.ID, s.Account.Username, from, to, string(data)) log.Printf("%s session %d for %s: from=%s, to=%s, r=<<EOF\n%s\nEOF", s.Handler.Name(), s.ID, s.Account.Username, from, to, string(data))
return fmt.Errorf("Not yet implemented") memR := bytes.NewReader(data)
return s.Handler.Send(from, to, memR)
} }
func (s *Session) Logout() error { func (s *Session) Logout() error {
log.Printf("Ending %s session %d for %s", s.ServiceName, s.ID, s.Account.Username) log.Printf("Ending %s session %d for %s", s.Handler.Name(), s.ID, s.Account.Username)
return nil return nil
} }