Commit graph

956 commits

Author SHA1 Message Date
4c8c0d855e
Handle read errors in SMTP authentication flow
Add checks to handle errors when reading client messages. This ensures that an appropriate error message is sent back to the client if reading fails, improving the robustness of the SMTP authentication process.
2024-10-03 12:38:39 +02:00
03062c5183
Add SCRAM-SHA authentication tests for SMTP
Introduce new unit tests to verify SCRAM-SHA-1 and SCRAM-SHA-256 authentication for the SMTP client. These tests cover both successful and failing authentication cases, and include a mock SMTP server to facilitate testing.
2024-10-03 12:32:06 +02:00
a8e89a1258
Add support for SCRAM-SHA authentication mechanisms
Introduced new test cases for SCRAM-SHA-1, SCRAM-SHA-256, and their PLUS variants in `smtp_test.go`. Updated the authTest structure to include a `hasNonce` flag and implemented logic to handle nonce validation and success message processing.
2024-10-02 18:02:46 +02:00
e4dd62475a
Improve error handling in SCRAM-SHA-X-PLUS authentication
Refactor error return to include more specific information and add a check for TLS connection state in SCRAM-SHA-X-PLUS authentication flow. This ensures clearer error messages and verifies essential prerequisites for secure authentication.
2024-10-02 18:02:34 +02:00
580981b158
Refactor error handling in SMTP authentication
Centralized error definitions in `smtp/auth.go` and updated references in `auth_login.go` and `auth_plain.go`. This improves code maintainability and error consistency across the package.
2024-10-02 18:02:23 +02:00
a41639ec07
Fix secret reference and improve test command options
Corrected the reference for `TEST_PASS_SCRAM` in both workflows. Simplified the Go test command in `codecov.yml` and added the `shuffle=on` option for better test randomness in `sonarqube.yml`.
2024-10-02 16:50:45 +02:00
d19c2fd87d
Merge pull request #316 from wneessen/trashmail-update
Update test recipient email in client tests
2024-10-02 16:29:13 +02:00
c8a8e9772a
Update test recipient email in client tests
Changed the test email address from go-mail@mytrashmailer.com to couttifaddebro-1473@yopmail.com. This new address is expected to be used for sending test mails.
2024-10-02 16:25:41 +02:00
2bde374d2c
Merge pull request #313 from wneessen/dependabot/github_actions/codecov/codecov-action-4.6.0
Bump codecov/codecov-action from 4.5.0 to 4.6.0
2024-10-02 15:57:23 +02:00
97ad132965
Merge pull request #314 from wneessen/dependabot/github_actions/golang/govulncheck-action-1.0.4
Bump golang/govulncheck-action from 1.0.3 to 1.0.4
2024-10-02 15:57:09 +02:00
b7fa04e0cb
Merge pull request #315 from wneessen/fix-github-actions
Fix GitHub actions
2024-10-02 15:55:11 +02:00
0c3bf239f1
Add support channel information for Gophers Slack
Updated the README file to include our new support and general discussion channel on the Gophers Slack. Users can now find us on both Discord and Slack for any queries or discussions related to go-mail.
2024-10-02 15:54:34 +02:00
cbba4d83d1
Add SCRAM authentication to CI workflows
This commit introduces SCRAM authentication configurations to both `codecov.yml` and `sonarqube.yml` GitHub Action workflow files. The changes include new environment variables for SCRAM host, user, and password to enhance the security and flexibility of the CI processes.
2024-10-02 15:51:56 +02:00
dependabot[bot]
3f3b21348f
Bump golang/govulncheck-action from 1.0.3 to 1.0.4
Bumps [golang/govulncheck-action](https://github.com/golang/govulncheck-action) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/golang/govulncheck-action/releases)
- [Commits](dd0578b371...b625fbe08f)

---
updated-dependencies:
- dependency-name: golang/govulncheck-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-02 13:45:37 +00:00
dependabot[bot]
e037df43a7
Bump codecov/codecov-action from 4.5.0 to 4.6.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](e28ff129e5...b9fd7d16f6)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-02 13:45:34 +00:00
c8e45477bb
Merge pull request #312 from wneessen/bug/311_smtp-auth-login-should-follow-ietf-draft-more-closely
Enhance SMTP LOGIN auth and add comprehensive tests
2024-10-02 14:18:38 +02:00
761e205049
Fix client connection test error handling
Changed variable assignment in the test to fix error handling. This ensures the error is properly caught and reported during the client connection process.
2024-10-02 13:10:10 +02:00
9d70283af9
Reset response step in AUTH LOGIN initialization
The addition of `a.respStep = 0` resets the response step counter at the beginning of the AUTH LOGIN process. This ensures that the state starts correctly and avoids potential issues related to residual values from previous authentications.
2024-10-02 13:09:55 +02:00
93752280aa
Update smtp_test.go to add more authentication test cases
Enhanced the LoginAuth test coverage by adding new scenarios with different sequences and invalid cases. This ensures more robust validation and better handling of edge cases in authentication testing.
2024-10-02 12:54:32 +02:00
547f78dbee
Enhance SMTP LOGIN auth and add comprehensive tests
Refactored SMTP LOGIN auth to improve compatibility with various server responses, consolidating error handling and response steps. Added extensive tests to verify successful and failed authentication across different server configurations.
2024-10-02 12:37:54 +02:00
9bafa969b8
Merge pull request #310 from wneessen/feature/242_support-scram-sha
SCRAM-SHA-1(-PLUS) / SCRAM-SHA-256(-PLUS) support
2024-10-01 20:52:08 +02:00
72b3f53eb7
Add tests for unsupported SCRAM-SHA authentications
Introduce a new test case `TestClient_AuthSCRAMSHAX_unsupported` to validate handling of unsupported SCRAM-SHA authentication methods. This ensures the client returns the correct errors when setting unsupported auth types.
2024-10-01 20:45:07 +02:00
986a988c5d
Reset SMTP auth when setting SMTP auth type
This change ensures that the smtpAuth field is reset to nil whenever the SMTP auth type is updated. This prevents potential issues with mismatched authentication settings.
2024-10-01 20:44:50 +02:00
f823112a4d
Refactor: consolidate ErrNonTLSConnection variable
The variable ErrNonTLSConnection has been simplified from a multi-line declaration to a single-line declaration. This increases code readability and maintains consistency with Go conventions.
2024-10-01 20:32:41 +02:00
15b9ddf067
Refactor error handling for non-TLS SMTP connections
Introduce a global error variable for non-TLS connections and update corresponding error handling across the codebase. This enhances readability and maintainability of the error management logic.
2024-10-01 17:23:29 +02:00
5058fd5222
Add test for SCRAM-SHA authentication failure cases
Implemented tests for various SCRAM-SHA authentication methods including SCRAM-SHA-1, SCRAM-SHA-1-PLUS, SCRAM-SHA-256, and SCRAM-SHA-256-PLUS with invalid credentials. This ensures that the client correctly handles and reports authentication failures.
2024-10-01 17:01:10 +02:00
8838414c38
Fix incorrect error types for unsupported SMTP authentication
Corrects the error messages returned for unsupported SMTP authentication types from ErrXOauth2AuthNotSupported to specific errors like ErrSCRAMSHA1AuthNotSupported, ErrSCRAMSHA256AuthNotSupported, and so on. This change improves the accuracy of error reporting for various SMTP authentication mechanisms.
2024-10-01 17:00:57 +02:00
b69ad27de3
Add comments for SMTP authentication mechanisms
Enhanced the documentation by adding detailed comments for each SMTP authentication type, specifying their references to RFC documents. Corrected comments for error variables to match the corresponding authentication schemas.
2024-10-01 17:00:43 +02:00
7499bae3eb
Add unit tests for SCRAM-SHA authentication methods
Introduce `TestClient_AuthSCRAMSHAX` to verify SCRAM-SHA-1 and SCRAM-SHA-256 authentication. These tests validate the creation, connection, and closing of clients with the respective authentication methods using environment-configured credentials.
2024-10-01 16:45:02 +02:00
324be9d032
Refactor SCRAM tests to include SHA-256-PLUS
Updated `TestClient_AuthSCRAMSHA1PLUS_tlsexporter` and `TestClient_AuthSCRAMSHA1PLUS_tlsunique` to test both SCRAM-SHA-1-PLUS and SCRAM-SHA-256-PLUS authentication types. Implemented table-driven tests to improve readability and maintainability.
2024-10-01 16:43:36 +02:00
bcf7084982
Add detailed documentation comments for SCRAM methods
Enhanced code readability and maintainability by adding comprehensive documentation comments to all methods and struct definitions in the `smtp/auth_scram.go` file. This improves clarity on the functionality and usage of the SCRAM (Salted Challenge Response Authentication Mechanism) methods and structures.
2024-10-01 16:39:13 +02:00
abab0af2a3
Simplify sponsor appreciation message
Revise the sponsors section in README.md to convey gratitude more concisely. Removed redundant phrasing and made the message more direct while ensuring the intent remains clear.
2024-10-01 16:01:58 +02:00
687843ee53
Enhance contributors section and add sponsors acknowledgment
Updated the Authors/Contributors section to include a graphical representation of contributors and added special thanks to Maria Letta for the logo design. Introduced a new Sponsors section to acknowledge the support from sponsors.
2024-10-01 15:57:01 +02:00
cace4890bc
Update README.md wordings for clarity
Refined the wording in the README.md to enhance readability and clarity. Changed some sentences to past perfect tense and added backticks around `smtp` for consistency with code references.
2024-10-01 15:47:07 +02:00
e5b87db448
Update README to clarify library features and dependencies
Revised the README to provide clearer explanations of the library's origins, dependencies, and features. Added details on the small dependency footprint and enhanced SMTP Auth methods, and emphasized the concurrency-safe reuse of SMTP connections.
2024-10-01 15:41:26 +02:00
5b5991f17d
Merge branch 'main' into feature/242_support-scram-sha 2024-10-01 15:30:22 +02:00
e8f3c444e6
Add SCRAM-SHA1-PLUS authentication tests
Introduced two new unit tests for SCRAM-SHA1-PLUS authentication with TLS exporter and TLS unique options. These tests ensure proper client creation, connection, and disconnection processes are functioning as expected in online environments.
2024-10-01 15:28:53 +02:00
27838f5b1f
Improve TLS state handling and add SCRAM-SHA-256 auth support
Replaced direct TLSConnectionState call with error handling for TLS state retrieval. Introduced SCRAM-SHA-256 support in the SMTP authentication process.
2024-10-01 15:28:10 +02:00
3013975c6a
Rename and refactor SCRAM authentication methods
Updated method names to more accurately reflect their authentication mechanisms (SCRAM-SHA-1, SCRAM-SHA-1-PLUS, SCRAM-SHA-256, SCRAM-SHA-256-PLUS). Revised corresponding comments to improve clarity and maintain consistency.
2024-10-01 15:27:31 +02:00
c797f0be17
Add REUSE.toml
Replaced deprecated .reuse/dep5 with REUSE.toml config file
2024-10-01 15:27:05 +02:00
b96badbd59
Add license file for go.sum
Introduce a go.sum.license file to explicitly state the licensing terms for the go.sum file. This ensures proper attribution and compliance with open-source licensing requirements.
2024-10-01 15:25:51 +02:00
738f43e289
Add GetTLSConnectionState method to SMTP client
Introduce a method to retrieve the TLS connection state of the client's current connection. This method checks if the connection uses TLS and is established, returning appropriate errors otherwise.
2024-10-01 11:05:42 +02:00
ebd171005d
Update dependencies in go.mod and go.sum
Added `golang.org/x/crypto v0.27.0` and `golang.org/x/text v0.18.0` to go.mod. Updated go.sum to reflect these changes for proper dependency management.
2024-10-01 11:05:07 +02:00
4f1a60760d
Add support for SCRAM-SHA authentication methods
Extended SMTP authentication to include SCRAM-SHA-1, SCRAM-SHA-1-PLUS, SCRAM-SHA-256, and SCRAM-SHA-256-PLUS methods. This enhancement provides more secure and flexible authentication options for SMTP clients.
2024-10-01 11:04:16 +02:00
e8fc6cd78f
Add SCRAM-SHA support to SMTP authentication
Introduced additional SMTP authentication mechanisms: SCRAM-SHA-1, SCRAM-SHA-1-PLUS, SCRAM-SHA-256, and SCRAM-SHA-256-PLUS. Added corresponding error messages for unsupported authentication types. This enhances security options for SMTP connections.
2024-10-01 11:04:01 +02:00
9069c9cdff
Add SCRAM-SHA support to SMTP authentication
Introduced additional SMTP authentication mechanisms: SCRAM-SHA-1, SCRAM-SHA-1-PLUS, SCRAM-SHA-256, and SCRAM-SHA-256-PLUS. Added corresponding error messages for unsupported authentication types. This enhances security options for SMTP connections.
2024-10-01 11:03:44 +02:00
627216425f
Merge pull request #309 from wneessen/dependabot/github_actions/github/codeql-action-3.26.10
Bump github/codeql-action from 3.26.9 to 3.26.10
2024-09-30 15:42:23 +02:00
dependabot[bot]
012082978d
Bump github/codeql-action from 3.26.9 to 3.26.10
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.9 to 3.26.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](461ef6c76d...e2b3eafc8d)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-30 13:36:41 +00:00
65a91a2711
Merge pull request #307 from wneessen/feature/269_goroutineconcurrency-safety
go-mail goroutine-/thread-safety
2024-09-27 17:17:00 +02:00
c1f6ef07d4
Skip test cases when client creation fails
Updated the client creation check to skip test cases if the client cannot be created, instead of marking them as errors. This ensures tests dependent on a successful client creation do not fail unnecessarily but are instead skipped.
2024-09-27 17:09:00 +02:00