2021-07-18 23:03:28 +01:00
|
|
|
/*
|
|
|
|
|
* Copyright (c) 2021 Neil Alexander
|
|
|
|
|
*
|
|
|
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
|
*/
|
|
|
|
|
|
2021-07-07 18:15:07 +01:00
|
|
|
package smtpserver
|
|
|
|
|
|
|
|
|
|
import (
|
2026-02-14 02:34:09 +05:00
|
|
|
"crypto/ed25519"
|
2021-07-07 18:15:07 +01:00
|
|
|
"fmt"
|
|
|
|
|
"log"
|
|
|
|
|
|
|
|
|
|
"github.com/emersion/go-smtp"
|
2026-02-14 02:34:09 +05:00
|
|
|
"github.com/neilalexander/yggmail/internal/account"
|
|
|
|
|
"github.com/neilalexander/yggmail/internal/notify"
|
2021-07-07 18:15:07 +01:00
|
|
|
"github.com/neilalexander/yggmail/internal/smtpsender"
|
|
|
|
|
"github.com/neilalexander/yggmail/internal/storage"
|
2026-02-14 02:34:09 +05:00
|
|
|
"github.com/neilalexander/yggmail/internal/storage/remote"
|
2021-07-08 23:12:20 +01:00
|
|
|
"github.com/neilalexander/yggmail/internal/utils"
|
2021-07-07 18:15:07 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type BackendMode int
|
|
|
|
|
|
|
|
|
|
const (
|
|
|
|
|
BackendModeInternal BackendMode = iota
|
|
|
|
|
BackendModeExternal
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type Backend struct {
|
2026-02-14 02:34:09 +05:00
|
|
|
Mode BackendMode
|
|
|
|
|
Log *log.Logger
|
|
|
|
|
Queues *smtpsender.Queues
|
|
|
|
|
Storage storage.Storage
|
|
|
|
|
Notify *notify.Notify
|
|
|
|
|
Account *account.Manager
|
|
|
|
|
NodePublicKey ed25519.PublicKey
|
|
|
|
|
// Config *config.Config
|
2021-07-07 18:15:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (b *Backend) Login(state *smtp.ConnectionState, username, password string) (smtp.Session, error) {
|
|
|
|
|
switch b.Mode {
|
|
|
|
|
case BackendModeInternal:
|
2021-07-08 23:12:20 +01:00
|
|
|
// If our username is email-like, then take just the localpart
|
2026-02-14 02:34:09 +05:00
|
|
|
dPk, aPk, err := utils.ParseAddress(username)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to authenticate: wrong domain or username")
|
2021-07-08 23:12:20 +01:00
|
|
|
}
|
2026-02-14 02:34:09 +05:00
|
|
|
|
|
|
|
|
// Work in domain mode: Get account
|
|
|
|
|
session, err := b.Account.Login(username, password)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("failed to autheticate: %w", err)
|
2021-07-07 18:15:07 +01:00
|
|
|
}
|
2026-02-14 02:34:09 +05:00
|
|
|
|
|
|
|
|
username = utils.EncodeString(aPk)
|
|
|
|
|
var storage storage.Storage
|
|
|
|
|
|
|
|
|
|
if !b.NodePublicKey.Equal(dPk) {
|
|
|
|
|
storage = remote.NewRemoteStorage(dPk, session, b.Queues.Transport)
|
|
|
|
|
b.Log.Println("SMTP L: Authenticate with remote storage as", username)
|
|
|
|
|
//return nil, fmt.Errorf("failed to authenticate: wrong domain in username")
|
|
|
|
|
} else {
|
|
|
|
|
storage = b.Storage
|
|
|
|
|
b.Log.Println("SMTP L: Authenticate with local storage as", username)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
defer b.Log.Printf("Authenticated SMTP user as %q\n", username)
|
|
|
|
|
|
2021-07-07 18:15:07 +01:00
|
|
|
return &SessionLocal{
|
|
|
|
|
backend: b,
|
2026-02-14 02:34:09 +05:00
|
|
|
session: session,
|
|
|
|
|
storage: storage,
|
2021-07-07 18:15:07 +01:00
|
|
|
state: state,
|
|
|
|
|
}, nil
|
|
|
|
|
|
|
|
|
|
case BackendModeExternal:
|
2025-12-20 14:06:14 +00:00
|
|
|
return nil, fmt.Errorf("not expecting authenticated connection on external backend")
|
2021-07-07 18:15:07 +01:00
|
|
|
}
|
|
|
|
|
|
2025-12-20 14:06:14 +00:00
|
|
|
return nil, fmt.Errorf("authenticated login failed")
|
2021-07-07 18:15:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (b *Backend) AnonymousLogin(state *smtp.ConnectionState) (smtp.Session, error) {
|
|
|
|
|
switch b.Mode {
|
|
|
|
|
case BackendModeInternal:
|
2025-12-20 14:06:14 +00:00
|
|
|
return nil, fmt.Errorf("not expecting anonymous connection on internal backend")
|
2021-07-07 18:15:07 +01:00
|
|
|
|
|
|
|
|
case BackendModeExternal:
|
2026-02-14 02:34:09 +05:00
|
|
|
return nil, fmt.Errorf("not expecting anonymous connection on smtp. RPC Only")
|
|
|
|
|
// // The connection came from our overlay listener, so we should check
|
|
|
|
|
// // that they are who they claim to be
|
2021-07-07 18:15:07 +01:00
|
|
|
|
2026-02-14 02:34:09 +05:00
|
|
|
// // Transport Layer address. Hex
|
|
|
|
|
// nodePk, err := hex.DecodeString(state.RemoteAddr.String())
|
|
|
|
|
// if err != nil {
|
|
|
|
|
// return nil, fmt.Errorf("hex.DecodeString: %w", err)
|
|
|
|
|
// }
|
|
|
|
|
// // HELO Hostname. Format
|
|
|
|
|
// hostPk, err := utils.DecodeString(state.Hostname)
|
|
|
|
|
// if err != nil {
|
|
|
|
|
// return nil, fmt.Errorf("utils.DecodeKey: %w", err)
|
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
// nPk := ed25519.PublicKey(nodePk)
|
|
|
|
|
// hPk := ed25519.PublicKey(hostPk)
|
|
|
|
|
|
|
|
|
|
// if !nPk.Equal(hPk) {
|
|
|
|
|
// return nil, fmt.Errorf("you are not who you claim to be")
|
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
// b.Log.Println("SMTP Local: Incoming session from", state.Hostname)
|
|
|
|
|
// return &SessionRemote{
|
|
|
|
|
// backend: b,
|
|
|
|
|
// state: state,
|
|
|
|
|
// public: nPk[:],
|
|
|
|
|
// }, nil
|
2021-07-07 18:15:07 +01:00
|
|
|
}
|
|
|
|
|
|
2025-12-20 14:06:14 +00:00
|
|
|
return nil, fmt.Errorf("anonymous login failed")
|
2021-07-07 18:15:07 +01:00
|
|
|
}
|