From e2ed5b747a70bdbb48f089144d62770511b58c65 Mon Sep 17 00:00:00 2001 From: Winni Neessen Date: Tue, 22 Oct 2024 15:50:18 +0200 Subject: [PATCH] Add tests for PlainAuth and LoginAuth without encryption Introduced new test functions TestAuthPlainNoEnc and TestAuthLoginNoEnc in smtp_test.go to verify behaviors of PlainAuth and LoginAuth without TLS encryption. These tests ensure that authentication mechanisms handle non-encrypted and diverse server configurations correctly. --- smtp/smtp_test.go | 84 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 84 insertions(+) diff --git a/smtp/smtp_test.go b/smtp/smtp_test.go index 50243ef..cb134ba 100644 --- a/smtp/smtp_test.go +++ b/smtp/smtp_test.go @@ -265,6 +265,46 @@ func TestAuthPlain(t *testing.T) { } } +func TestAuthPlainNoEnc(t *testing.T) { + tests := []struct { + authName string + server *ServerInfo + err string + }{ + { + authName: "servername", + server: &ServerInfo{Name: "servername", TLS: true}, + }, + { + // OK to use PlainAuth on localhost without TLS + authName: "localhost", + server: &ServerInfo{Name: "localhost", TLS: false}, + }, + { + // Also OK on non-TLS secured connections. The NoEnc mechanism is meant to allow + // non-encrypted connections. + authName: "servername", + server: &ServerInfo{Name: "servername", Auth: []string{"PLAIN"}}, + }, + { + authName: "servername", + server: &ServerInfo{Name: "attacker", TLS: true}, + err: "wrong host name", + }, + } + for i, tt := range tests { + auth := PlainAuth("foo", "bar", "baz", tt.authName, true) + _, _, err := auth.Start(tt.server) + got := "" + if err != nil { + got = err.Error() + } + if got != tt.err { + t.Errorf("%d. got error = %q; want %q", i, got, tt.err) + } + } +} + func TestAuthLogin(t *testing.T) { tests := []struct { authName string @@ -311,6 +351,50 @@ func TestAuthLogin(t *testing.T) { } } +func TestAuthLoginNoEnc(t *testing.T) { + tests := []struct { + authName string + server *ServerInfo + err string + }{ + { + authName: "servername", + server: &ServerInfo{Name: "servername", TLS: true}, + }, + { + // OK to use LoginAuth on localhost without TLS + authName: "localhost", + server: &ServerInfo{Name: "localhost", TLS: false}, + }, + { + // Also OK on non-TLS secured connections. The NoEnc mechanism is meant to allow + // non-encrypted connections. + authName: "servername", + server: &ServerInfo{Name: "servername", Auth: []string{"LOGIN"}}, + }, + { + authName: "servername", + server: &ServerInfo{Name: "servername", Auth: []string{"CRAM-MD5"}}, + }, + { + authName: "servername", + server: &ServerInfo{Name: "attacker", TLS: true}, + err: "wrong host name", + }, + } + for i, tt := range tests { + auth := LoginAuth("foo", "bar", tt.authName, true) + _, _, err := auth.Start(tt.server) + got := "" + if err != nil { + got = err.Error() + } + if got != tt.err { + t.Errorf("%d. got error = %q; want %q", i, got, tt.err) + } + } +} + func TestXOAuth2OK(t *testing.T) { server := []string{ "220 Fake server ready ESMTP",