From 4c8c0d855e206ea3135960f8fc403e093763205d Mon Sep 17 00:00:00 2001 From: Winni Neessen Date: Thu, 3 Oct 2024 12:38:39 +0200 Subject: [PATCH] Handle read errors in SMTP authentication flow Add checks to handle errors when reading client messages. This ensures that an appropriate error message is sent back to the client if reading fails, improving the robustness of the SMTP authentication process. --- smtp/smtp_test.go | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/smtp/smtp_test.go b/smtp/smtp_test.go index dc8dbdb..0d47760 100644 --- a/smtp/smtp_test.go +++ b/smtp/smtp_test.go @@ -1731,8 +1731,12 @@ func (s *testSCRAMSMTPServer) handleSCRAMAuth(conn net.Conn) { } data, err := reader.ReadString('\n') - clientMessage := strings.TrimSpace(data) - decodedMessage, err := base64.StdEncoding.DecodeString(clientMessage) + if err != nil { + _ = writeLine("535 Authentication failed") + return + } + data = strings.TrimSpace(data) + decodedMessage, err := base64.StdEncoding.DecodeString(data) if err != nil { _ = writeLine("535 Authentication failed") return @@ -1765,8 +1769,12 @@ func (s *testSCRAMSMTPServer) handleSCRAMAuth(conn net.Conn) { _ = writeLine(fmt.Sprintf("334 %s", base64.StdEncoding.EncodeToString([]byte(serverFirstMessage)))) data, err = reader.ReadString('\n') - clientFinalMessage := strings.TrimSpace(data) - decodedFinalMessage, err := base64.StdEncoding.DecodeString(clientFinalMessage) + if err != nil { + _ = writeLine("535 Authentication failed") + return + } + data = strings.TrimSpace(data) + decodedFinalMessage, err := base64.StdEncoding.DecodeString(data) if err != nil { _ = writeLine("535 Authentication failed") return @@ -1794,7 +1802,6 @@ func (s *testSCRAMSMTPServer) handleSCRAMAuth(conn net.Conn) { return } _ = writeLine("235 Authentication successful") - return } func (s *testSCRAMSMTPServer) extractNonce(message string) string {