Introduced new test functions TestAuthPlainNoEnc and TestAuthLoginNoEnc in smtp_test.go to verify behaviors of PlainAuth and LoginAuth without TLS encryption. These tests ensure that authentication mechanisms handle non-encrypted and diverse server configurations correctly.
Updated PlainAuth and LoginAuth calls in smtp_test.go and example_test.go to include a 'skipTLS' boolean parameter. This ensures consistent function signatures throughout the test cases and examples.
Implemented an option to allow SMTP LOGIN authentication over unencrypted channels by introducing a new `SMTPAuthLoginNoEnc` type. Updated relevant functions and tests to handle the new parameter for unsecured authentication.
Implemented a new SMTPAuthPlainNoEnc option to allow PLAIN authentication over unencrypted connections. Refactored the PlainAuth function to accept an additional allowUnencryptedAuth parameter. Updated relevant tests to cover the new authentication method.
Fix a typo in smtp_test.go's comment from "challanges" to "challenges" to improve readability and accuracy of documentation. This change does not affect the code's functionality.
Corrected spelling errors in comments for "challenge" and "compatibility" to improve clarity. This ensures better understanding and adherence to the documented IETF draft standard.
Introduced TestClient_SetLogAuthData to verify the proper behavior of the SetLogAuthData method in both client and SMTP tests. This ensures that logAuthData is enabled or disabled as expected, increasing code reliability.
Added the `logAuthData` flag to enable conditional logging of SMTP authentication data. Introduced the `SetLogAuthData` method for clients to toggle this flag. Adjusted existing logging logic to respect this new configuration.
Add a boolean flag `authIsActive` to manage redaction of sensitive authentication information in debug logs. When this flag is true, authentication details are replaced with `<auth redacted>`.
This commit introduces tests for various TLS-related methods such as GetTLSConnectionState, HasConnection, SetDSNMailReturnOption, SetDSNRcptNotifyOption, and UpdateDeadline. It also modifies the error handling logic in smtp.go to include new error types and improves the mutex handling in UpdateDeadline.
Introduced the isConnected boolean flag in the Client struct to clearly indicate whether there is an active connection. Updated relevant methods to set this flag accordingly, ensuring consistent state management across the Client's lifecycle.
Reset connections to nil after Close, add RLock in HasConnection, and refine Close logic to handle already closed connections gracefully. Enhanced DialWithContext documentation and added tests for double-close scenarios to ensure robustness.
Extended SMTP tests to include SCRAM-SHA-1-PLUS and SCRAM-SHA-256-PLUS authentication mechanisms. Adjusted the `startSMTPServer` function to accept a hashing function and modified the server logic to handle TLS channel binding.
Add checks to handle errors when reading client messages. This ensures that an appropriate error message is sent back to the client if reading fails, improving the robustness of the SMTP authentication process.
Introduce new unit tests to verify SCRAM-SHA-1 and SCRAM-SHA-256 authentication for the SMTP client. These tests cover both successful and failing authentication cases, and include a mock SMTP server to facilitate testing.
Introduced new test cases for SCRAM-SHA-1, SCRAM-SHA-256, and their PLUS variants in `smtp_test.go`. Updated the authTest structure to include a `hasNonce` flag and implemented logic to handle nonce validation and success message processing.
Refactor error return to include more specific information and add a check for TLS connection state in SCRAM-SHA-X-PLUS authentication flow. This ensures clearer error messages and verifies essential prerequisites for secure authentication.
Centralized error definitions in `smtp/auth.go` and updated references in `auth_login.go` and `auth_plain.go`. This improves code maintainability and error consistency across the package.
The addition of `a.respStep = 0` resets the response step counter at the beginning of the AUTH LOGIN process. This ensures that the state starts correctly and avoids potential issues related to residual values from previous authentications.
Enhanced the LoginAuth test coverage by adding new scenarios with different sequences and invalid cases. This ensures more robust validation and better handling of edge cases in authentication testing.
Refactored SMTP LOGIN auth to improve compatibility with various server responses, consolidating error handling and response steps. Added extensive tests to verify successful and failed authentication across different server configurations.
The variable ErrNonTLSConnection has been simplified from a multi-line declaration to a single-line declaration. This increases code readability and maintains consistency with Go conventions.
Introduce a global error variable for non-TLS connections and update corresponding error handling across the codebase. This enhances readability and maintainability of the error management logic.
Enhanced code readability and maintainability by adding comprehensive documentation comments to all methods and struct definitions in the `smtp/auth_scram.go` file. This improves clarity on the functionality and usage of the SCRAM (Salted Challenge Response Authentication Mechanism) methods and structures.
Updated method names to more accurately reflect their authentication mechanisms (SCRAM-SHA-1, SCRAM-SHA-1-PLUS, SCRAM-SHA-256, SCRAM-SHA-256-PLUS). Revised corresponding comments to improve clarity and maintain consistency.
Introduce a method to retrieve the TLS connection state of the client's current connection. This method checks if the connection uses TLS and is established, returning appropriate errors otherwise.
Correct the sequence of mutex unlocking in TLSConnectionState to ensure the mutex is always released properly. This prevents potential deadlocks and ensures the function behaves as expected in a concurrent context.
This commit revises locking mechanism usage around connection operations to avoid potential deadlocks and improve code clarity. Specifically, defer statements were removed and explicit unlocks were added to ensure that mutexes are properly released after critical sections. This change affects several methods, including `Close`, `cmd`, `TLSConnectionState`, `UpdateDeadline`, and newly introduced locking for concurrent data writes and reads in `dataCloser`.
This commit introduces a RWMutex to the Client struct in the smtp package to ensure thread-safe access to shared resources. Critical sections in methods like Close, StartTLS, and cmd are now protected with appropriate locking mechanisms. This change helps prevent potential race conditions, ensuring consistent and reliable behavior in concurrent environments.
Reordered and grouped fields in the Client struct for clarity. The reorganization separates logical groups of fields, making it easier to understand and maintain the code. This includes proper grouping of TLS parameters, DSN options, and debug settings.
Add mutex locking for client connections to ensure thread safety. Introduce `HasConnection` method to check active connections and `UpdateDeadline` method to handle timeout updates. Refactor connection handling in `checkConn` and `tls` methods accordingly.
The format string for the Debugf method calls within the smtp_test.go file have been updated. Previously, the format string was empty, but it has now been changed to "%s" to align with the standard formatting expectations, improving the correctness of the tests.
The Go version has been updated to 1.22 in the .golangci.toml file for compatibility reasons. Additionally, unnecessary white space has been removed from the smtp/smtp_test.go file to maximize code efficiency and readability.
The logging system in the smtp.go and log package has been refactored. A new custom log type `Log` was introduced, that includes the message direction, format and arguments. The `Logger` interface and the `Stdlog` implementation were modified to accept this new type. This change provides a clearer understanding of message direction inside logs, allowing for easier debugging and reduced complexity. This change does not affect features or disrupt user functionality. Additionally, it allows for custom implementations of the log.Logger interface to without being forced to use the C --> S/C <-- S direction logging.
- Bump version in doc.go
- Add sonarlint to .gitignore
- Update README to reflect the changes and contributors
- Fixed typos in auth_cram_md5_118.go, msg.go, msg_test.go, reader.go and smtp_ehlo_117.go
Fixes#121. `defer` in for loops can possibly lead to leaks.
The whole handling including the defer are now moved into anonymous functions outside the for loop and are called form the loop instead. This way the defer is handle when the inline function finishes
Since we are Go <1.20 compatible, we can't easily combine errors here. The suggested golangci-lint fix will not work neither, since the %w verb can't be used twice. Therefore, for now we will ignore the linting error
Closes#119
As stated in https://github.com/wneessen/go-mail/pull/102#issuecomment-1411956040 it would be beneficial if, instead of forcing the Go stdlib logger on the user to provide a simple interface and use that for logging purposes.
This PR implements this simple log.Logger interface as well as a standard logger that satisfies this interface. If no custom logger is provided, the Stdlog will be used (which makes use of the Go stdlib again).
Accordingly, a `Client.WithLogger` and `Client.SetLogger` have been implemented. Same applies for the smtp counterparts.