From 580981b15881f08afa832021364e35b9e4c8aa3b Mon Sep 17 00:00:00 2001 From: Winni Neessen Date: Wed, 2 Oct 2024 18:02:23 +0200 Subject: [PATCH] Refactor error handling in SMTP authentication Centralized error definitions in `smtp/auth.go` and updated references in `auth_login.go` and `auth_plain.go`. This improves code maintainability and error consistency across the package. --- smtp/auth.go | 13 +++++++++++++ smtp/auth_login.go | 8 ++------ smtp/auth_plain.go | 10 +++------- 3 files changed, 18 insertions(+), 13 deletions(-) diff --git a/smtp/auth.go b/smtp/auth.go index 30948e1..a62e74d 100644 --- a/smtp/auth.go +++ b/smtp/auth.go @@ -13,6 +13,19 @@ package smtp +import "errors" + +var ( + // ErrUnencrypted is an error indicating that the connection is not encrypted. + ErrUnencrypted = errors.New("unencrypted connection") + // ErrUnexpectedServerChallange is an error indicating that the server issued an unexpected challenge. + ErrUnexpectedServerChallange = errors.New("unexpected server challenge") + // ErrUnexpectedServerResponse is an error indicating that the server issued an unexpected response. + ErrUnexpectedServerResponse = errors.New("unexpected server response") + // ErrWrongHostname is an error indicating that the provided hostname does not match the expected value. + ErrWrongHostname = errors.New("wrong host name") +) + // Auth is implemented by an SMTP authentication mechanism. type Auth interface { // Start begins an authentication with a server. diff --git a/smtp/auth_login.go b/smtp/auth_login.go index 715861c..847ad62 100644 --- a/smtp/auth_login.go +++ b/smtp/auth_login.go @@ -5,13 +5,9 @@ package smtp import ( - "errors" "fmt" ) -// ErrUnencrypted is an error indicating that the connection is not encrypted. -var ErrUnencrypted = errors.New("unencrypted connection") - // loginAuth is the type that satisfies the Auth interface for the "SMTP LOGIN" auth type loginAuth struct { username, password string @@ -55,7 +51,7 @@ func (a *loginAuth) Start(server *ServerInfo) (string, []byte, error) { return "", nil, ErrUnencrypted } if server.Name != a.host { - return "", nil, errors.New("wrong host name") + return "", nil, ErrWrongHostname } a.respStep = 0 return "LOGIN", nil, nil @@ -73,7 +69,7 @@ func (a *loginAuth) Next(fromServer []byte, more bool) ([]byte, error) { a.respStep++ return []byte(a.password), nil default: - return nil, fmt.Errorf("unexpected server response: %s", string(fromServer)) + return nil, fmt.Errorf("%w: %s", ErrUnexpectedServerResponse, string(fromServer)) } } return nil, nil diff --git a/smtp/auth_plain.go b/smtp/auth_plain.go index 2430c96..e6e0ad9 100644 --- a/smtp/auth_plain.go +++ b/smtp/auth_plain.go @@ -13,10 +13,6 @@ package smtp -import ( - "errors" -) - // plainAuth is the type that satisfies the Auth interface for the "SMTP PLAIN" auth type plainAuth struct { identity, username, password string @@ -42,10 +38,10 @@ func (a *plainAuth) Start(server *ServerInfo) (string, []byte, error) { // That might just be the attacker saying // "it's ok, you can trust me with your password." if !server.TLS && !isLocalhost(server.Name) { - return "", nil, errors.New("unencrypted connection") + return "", nil, ErrUnencrypted } if server.Name != a.host { - return "", nil, errors.New("wrong host name") + return "", nil, ErrWrongHostname } resp := []byte(a.identity + "\x00" + a.username + "\x00" + a.password) return "PLAIN", resp, nil @@ -54,7 +50,7 @@ func (a *plainAuth) Start(server *ServerInfo) (string, []byte, error) { func (a *plainAuth) Next(_ []byte, more bool) ([]byte, error) { if more { // We've already sent everything. - return nil, errors.New("unexpected server challenge") + return nil, ErrUnexpectedServerChallange } return nil, nil }