Merge 128b2bd32e into c903f6e1b4

Fix spelling errors

.github/workflows/codeql-analysis.yml

@@ -54,7 +54,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+      uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -65,7 +65,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+      uses: github/codeql-action/autobuild@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -79,4 +79,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+      uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13

.github/workflows/scorecards.yml

@@ -67,7 +67,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
         with:
           name: SARIF file
           path: results.sarif
@@ -75,6 +75,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
         with:
           sarif_file: results.sarif

auth.go

@@ -35,7 +35,7 @@ const (
 	// IETF draft. The IETF draft is more lax than the MS spec, therefore we follow the I-D, which
 	// automatically matches the MS spec.
 	//
-	// Since the "LOGIN" SASL authentication mechansim transmits the username and password in
+	// Since the "LOGIN" SASL authentication mechanism transmits the username and password in
 	// plaintext over the internet connection, we only allow this mechanism over a TLS secured
 	// connection.
 	//
@@ -47,11 +47,11 @@ const (
 	// SMTPAuthNoAuth is equivalent to performing no authentication at all. It is a convenience
 	// option and should not be used. Instead, for mail servers that do no support/require
 	// authentication, the Client should not be passed the WithSMTPAuth option at all.
-	SMTPAuthNoAuth SMTPAuthType = ""
+	SMTPAuthNoAuth SMTPAuthType = "NOAUTH"
 
 	// SMTPAuthPlain is the "PLAIN" authentication mechanism as described in RFC 4616.
 	//
-	// Since the "PLAIN" SASL authentication mechansim transmits the username and password in
+	// Since the "PLAIN" SASL authentication mechanism transmits the username and password in
 	// plaintext over the internet connection, we only allow this mechanism over a TLS secured
 	// connection.
 	//
@@ -76,7 +76,7 @@ const (
 	//
 	// SCRAM-SHA-X-PLUS authentication require TLS channel bindings to protect against MitM attacks and
 	// to guarantee that the integrity of the transport layer is preserved throughout the authentication
-	// process. Therefore we only allow this mechansim over a TLS secured connection.
+	// process. Therefore we only allow this mechanism over a TLS secured connection.
 	//
 	// SCRAM-SHA-1-PLUS is still considered secure for certain applications, particularly when used as part
 	// of a challenge-response authentication mechanism (as we use it). However, it is generally
@@ -95,7 +95,7 @@ const (
 	//
 	// SCRAM-SHA-X-PLUS authentication require TLS channel bindings to protect against MitM attacks and
 	// to guarantee that the integrity of the transport layer is preserved throughout the authentication
-	// process. Therefore we only allow this mechansim over a TLS secured connection.
+	// process. Therefore we only allow this mechanism over a TLS secured connection.
 	//
 	// https://datatracker.ietf.org/doc/html/rfc7677
 	SMTPAuthSCRAMSHA256PLUS SMTPAuthType = "SCRAM-SHA-256-PLUS"

client.go

@@ -145,6 +145,9 @@ type (
 		// isEncrypted indicates wether the Client connection is encrypted or not.
 		isEncrypted bool
 
+		// logAuthData indicates whether authentication-related data should be logged.
+		logAuthData bool
+
 		// logger is a logger that satisfies the log.Logger interface.
 		logger log.Logger
 
@@ -256,11 +259,12 @@ var (
 //   - An error if any critical default values are missing or options fail to apply.
 func NewClient(host string, opts ...Option) (*Client, error) {
 	c := &Client{
-		connTimeout: DefaultTimeout,
+		smtpAuthType: SMTPAuthNoAuth,
-		host:        host,
+		connTimeout:  DefaultTimeout,
-		port:        DefaultPort,
+		host:         host,
-		tlsconfig:   &tls.Config{ServerName: host, MinVersion: DefaultTLSMinVersion},
+		port:         DefaultPort,
-		tlspolicy:   DefaultTLSPolicy,
+		tlsconfig:    &tls.Config{ServerName: host, MinVersion: DefaultTLSMinVersion},
+		tlspolicy:    DefaultTLSPolicy,
 	}
 
 	// Set default HELO/EHLO hostname
@@ -364,9 +368,10 @@ func WithSSLPort(fallback bool) Option {
 // WithDebugLog enables debug logging for the Client.
 //
 // This function activates debug logging, which logs incoming and outgoing communication between the
-// Client and the SMTP server to os.Stderr. Be cautious when using this option, as the logs may include
+// Client and the SMTP server to os.Stderr. By default the debug logging will redact any kind of SMTP
-// unencrypted authentication data, depending on the SMTP authentication method in use, which could
+// authentication data. If you need access to the actual authentication data in your logs, you can
-// pose a data protection risk.
+// enable authentication data logging with the WithLogAuthData option or by setting it with the
+// Client.SetLogAuthData method.
 //
 // Returns:
 //   - An Option function that enables debug logging for the Client.
@@ -671,6 +676,22 @@ func WithDialContextFunc(dialCtxFunc DialContextFunc) Option {
 	}
 }
 
+// WithLogAuthData enables logging of authentication data.
+//
+// This function sets the logAuthData field of the Client to true, enabling the logging of authentication data.
+//
+// Be cautious when using this option, as the logs may include unencrypted authentication data, depending on
+// the SMTP authentication method in use, which could pose a data protection risk.
+//
+// Returns:
+//   - An Option function that configures the Client to enable authentication data logging.
+func WithLogAuthData() Option {
+	return func(c *Client) error {
+		c.logAuthData = true
+		return nil
+	}
+}
+
 // TLSPolicy returns the TLSPolicy that is currently set on the Client as a string.
 //
 // This method retrieves the current TLSPolicy configured for the Client and returns it as a string representation.
@@ -865,6 +886,19 @@ func (c *Client) SetSMTPAuthCustom(smtpAuth smtp.Auth) {
 	c.smtpAuthType = SMTPAuthCustom
 }
 
+// SetLogAuthData sets or overrides the logging of SMTP authentication data for the Client.
+//
+// This function sets the logAuthData field of the Client to true, enabling the logging of authentication data.
+//
+// Be cautious when using this option, as the logs may include unencrypted authentication data, depending on
+// the SMTP authentication method in use, which could pose a data protection risk.
+//
+// Parameters:
+//   - logAuth: Set wether or not to log SMTP authentication data for the Client.
+func (c *Client) SetLogAuthData(logAuth bool) {
+	c.logAuthData = logAuth
+}
+
 // DialWithContext establishes a connection to the server using the provided context.Context.
 //
 // This function adds a deadline based on the Client's timeout to the provided context.Context
@@ -921,6 +955,9 @@ func (c *Client) DialWithContext(dialCtx context.Context) error {
 	if c.useDebugLog {
 		c.smtpClient.SetDebugLog(true)
 	}
+	if c.logAuthData {
+		c.smtpClient.SetLogAuthData()
+	}
 	if err = c.smtpClient.Hello(c.helo); err != nil {
 		return err
 	}
@@ -1028,9 +1065,16 @@ func (c *Client) DialAndSendWithContext(ctx context.Context, messages ...*Msg) e
 // determines the supported authentication methods, and applies the appropriate authentication
 // type. An error is returned if authentication fails.
 //
-// This method first verifies the connection to the SMTP server. If no custom authentication
+// By default NewClient sets the SMTP authentication type to SMTPAuthNoAuth, meaning, that no
-// mechanism is provided, it checks which authentication methods are supported by the server.
+// SMTP authentication will be performed. If the user makes use of SetSMTPAuth or initialzes the
-// Based on the configured SMTPAuthType, it sets up the appropriate authentication mechanism.
+// client with WithSMTPAuth, the SMTP authentication type will be set in the Client, forcing
+// this method to determine if the server supports the selected authentication method and
+// assigning the corresponding smtp.Auth function to it.
+//
+// If the user set a custom SMTP authentication function using SetSMTPAuthCustom or
+// WithSMTPAuthCustom, we will not perform any detection and assignment logic and will trust
+// the user with their provided smtp.Auth function.
+//
 // Finally, it attempts to authenticate the client using the selected method.
 //
 // Returns:
@@ -1040,7 +1084,8 @@ func (c *Client) auth() error {
 	if err := c.checkConn(); err != nil {
 		return fmt.Errorf("failed to authenticate: %w", err)
 	}
-	if c.smtpAuth == nil && c.smtpAuthType != SMTPAuthCustom {
+
+	if c.smtpAuth == nil && c.smtpAuthType != SMTPAuthNoAuth {
 		hasSMTPAuth, smtpAuthType := c.smtpClient.Extension("AUTH")
 		if !hasSMTPAuth {
 			return fmt.Errorf("server does not support SMTP AUTH")

client_test.go

@@ -123,6 +123,7 @@ func TestNewClientWithOptions(t *testing.T) {
 		{"WithoutNoop()", WithoutNoop(), false},
 		{"WithDebugLog()", WithDebugLog(), false},
 		{"WithLogger()", WithLogger(log.New(os.Stderr, log.LevelDebug)), false},
+		{"WithLogger()", WithLogAuthData(), false},
 		{"WithDialContextFunc()", WithDialContextFunc(func(ctx context.Context, network, address string) (net.Conn, error) {
 			return nil, nil
 		}), false},
@@ -578,6 +579,23 @@ func TestWithoutNoop(t *testing.T) {
 	}
 }
 
+func TestClient_SetLogAuthData(t *testing.T) {
+	c, err := NewClient(DefaultHost, WithLogAuthData())
+	if err != nil {
+		t.Errorf("failed to create new client: %s", err)
+		return
+	}
+	if !c.logAuthData {
+		t.Errorf("WithLogAuthData failed. c.logAuthData expected to be: %t, got: %t", true,
+			c.logAuthData)
+	}
+	c.SetLogAuthData(false)
+	if c.logAuthData {
+		t.Errorf("SetLogAuthData failed. c.logAuthData expected to be: %t, got: %t", false,
+			c.logAuthData)
+	}
+}
+
 // TestSetSMTPAuthCustom tests the SetSMTPAuthCustom method for the Client object
 func TestSetSMTPAuthCustom(t *testing.T) {
 	tests := []struct {
@@ -1162,6 +1180,81 @@ func TestClient_Send_withBrokenRecipient(t *testing.T) {
 	}
 }
 
+func TestClient_DialWithContext_switchAuth(t *testing.T) {
+	if os.Getenv("TEST_ALLOW_SEND") == "" {
+		t.Skipf("TEST_ALLOW_SEND is not set. Skipping mail sending test")
+	}
+
+	// We start with no auth explicitly set
+	client, err := NewClient(
+		os.Getenv("TEST_HOST"),
+		WithTLSPortPolicy(TLSMandatory),
+	)
+	defer func() {
+		_ = client.Close()
+	}()
+	if err != nil {
+		t.Errorf("failed to create client: %s", err)
+		return
+	}
+	if err = client.DialWithContext(context.Background()); err != nil {
+		t.Errorf("failed to dial to sending server: %s", err)
+	}
+	if err = client.Close(); err != nil {
+		t.Errorf("failed to close client connection: %s", err)
+	}
+
+	// We switch to LOGIN auth, which the server supports
+	client.SetSMTPAuth(SMTPAuthLogin)
+	client.SetUsername(os.Getenv("TEST_SMTPAUTH_USER"))
+	client.SetPassword(os.Getenv("TEST_SMTPAUTH_PASS"))
+	if err = client.DialWithContext(context.Background()); err != nil {
+		t.Errorf("failed to dial to sending server: %s", err)
+	}
+	if err = client.Close(); err != nil {
+		t.Errorf("failed to close client connection: %s", err)
+	}
+
+	// We switch to CRAM-MD5, which the server does not support - error expected
+	client.SetSMTPAuth(SMTPAuthCramMD5)
+	if err = client.DialWithContext(context.Background()); err == nil {
+		t.Errorf("expected error when dialing with unsupported auth mechanism, got nil")
+		return
+	}
+	if !errors.Is(err, ErrCramMD5AuthNotSupported) {
+		t.Errorf("expected dial error: %s, but got: %s", ErrCramMD5AuthNotSupported, err)
+	}
+
+	// We switch to CUSTOM by providing PLAIN auth as function - the server supports this
+	client.SetSMTPAuthCustom(smtp.PlainAuth("", os.Getenv("TEST_SMTPAUTH_USER"),
+		os.Getenv("TEST_SMTPAUTH_PASS"), os.Getenv("TEST_HOST")))
+	if client.smtpAuthType != SMTPAuthCustom {
+		t.Errorf("expected auth type to be Custom, got: %s", client.smtpAuthType)
+	}
+	if err = client.DialWithContext(context.Background()); err != nil {
+		t.Errorf("failed to dial to sending server: %s", err)
+	}
+	if err = client.Close(); err != nil {
+		t.Errorf("failed to close client connection: %s", err)
+	}
+
+	// We switch back to explicit no authenticaiton
+	client.SetSMTPAuth(SMTPAuthNoAuth)
+	if err = client.DialWithContext(context.Background()); err != nil {
+		t.Errorf("failed to dial to sending server: %s", err)
+	}
+	if err = client.Close(); err != nil {
+		t.Errorf("failed to close client connection: %s", err)
+	}
+
+	// Finally we set an empty string as SMTPAuthType and expect and error. This way we can
+	// verify that we do not accidentaly skip authentication with an empty string SMTPAuthType
+	client.SetSMTPAuth("")
+	if err = client.DialWithContext(context.Background()); err == nil {
+		t.Errorf("expected error when dialing with empty auth mechanism, got nil")
+	}
+}
+
 // TestClient_auth tests the Dial(), Send() and Close() method of Client with broken settings
 func TestClient_auth(t *testing.T) {
 	tests := []struct {

doc.go

@@ -11,4 +11,4 @@ package mail
 
 // VERSION indicates the current version of the package. It is also attached to the default user
 // agent string.
-const VERSION = "0.5.0"
+const VERSION = "0.5.1"

eml.go

@@ -383,7 +383,7 @@ ReadNextPart:
 		return fmt.Errorf("failed to get next part of multipart message: %w", err)
 	}
 	for err == nil {
-		// Multipart/related and Multipart/alternative parts need to be parsed seperately
+		// Multipart/related and Multipart/alternative parts need to be parsed separately
 		if contentTypeSlice, ok := multiPart.Header[HeaderContentType.String()]; ok && len(contentTypeSlice) == 1 {
 			contentType, _ := parseMultiPartHeader(contentTypeSlice[0])
 			if strings.EqualFold(contentType, TypeMultipartRelated.String()) ||

log/jsonlog.go

@@ -41,42 +41,48 @@ func NewJSON(output io.Writer, level Level) *JSONlog {
 	}
 }
 
+// logMessage is a helper function to handle different log levels and formats.
+func logMessage(level Level, log *slog.Logger, logData Log, formatFunc func(string, ...interface{}) string) {
+	lGroup := log.WithGroup(DirString).With(
+		slog.String(DirFromString, logData.directionFrom()),
+		slog.String(DirToString, logData.directionTo()),
+	)
+	switch level {
+	case LevelDebug:
+		lGroup.Debug(formatFunc(logData.Format, logData.Messages...))
+	case LevelInfo:
+		lGroup.Info(formatFunc(logData.Format, logData.Messages...))
+	case LevelWarn:
+		lGroup.Warn(formatFunc(logData.Format, logData.Messages...))
+	case LevelError:
+		lGroup.Error(formatFunc(logData.Format, logData.Messages...))
+	}
+}
+
 // Debugf logs a debug message via the structured JSON logger
 func (l *JSONlog) Debugf(log Log) {
 	if l.level >= LevelDebug {
-		l.log.WithGroup(DirString).With(
+		logMessage(LevelDebug, l.log, log, fmt.Sprintf)
-			slog.String(DirFromString, log.directionFrom()),
-			slog.String(DirToString, log.directionTo()),
-		).Debug(fmt.Sprintf(log.Format, log.Messages...))
 	}
 }
 
 // Infof logs a info message via the structured JSON logger
 func (l *JSONlog) Infof(log Log) {
 	if l.level >= LevelInfo {
-		l.log.WithGroup(DirString).With(
+		logMessage(LevelInfo, l.log, log, fmt.Sprintf)
-			slog.String(DirFromString, log.directionFrom()),
-			slog.String(DirToString, log.directionTo()),
-		).Info(fmt.Sprintf(log.Format, log.Messages...))
 	}
 }
 
 // Warnf logs a warn message via the structured JSON logger
 func (l *JSONlog) Warnf(log Log) {
 	if l.level >= LevelWarn {
-		l.log.WithGroup(DirString).With(
+		logMessage(LevelWarn, l.log, log, fmt.Sprintf)
-			slog.String(DirFromString, log.directionFrom()),
-			slog.String(DirToString, log.directionTo()),
-		).Warn(fmt.Sprintf(log.Format, log.Messages...))
 	}
 }
 
 // Errorf logs a warn message via the structured JSON logger
 func (l *JSONlog) Errorf(log Log) {
 	if l.level >= LevelError {
-		l.log.WithGroup(DirString).With(
+		logMessage(LevelError, l.log, log, fmt.Sprintf)
-			slog.String(DirFromString, log.directionFrom()),
-			slog.String(DirToString, log.directionTo()),
-		).Error(fmt.Sprintf(log.Format, log.Messages...))
 	}
 }

log/stdlog.go

@@ -35,34 +35,36 @@ func New(output io.Writer, level Level) *Stdlog {
 	}
 }
 
+// logStdMessage is a helper function to handle different log levels and formats for Stdlog.
+func logStdMessage(logger *log.Logger, logData Log, callDepth int) {
+	format := fmt.Sprintf("%s %s", logData.directionPrefix(), logData.Format)
+	_ = logger.Output(callDepth, fmt.Sprintf(format, logData.Messages...))
+}
+
 // Debugf performs a Printf() on the debug logger
 func (l *Stdlog) Debugf(log Log) {
 	if l.level >= LevelDebug {
-		format := fmt.Sprintf("%s %s", log.directionPrefix(), log.Format)
+		logStdMessage(l.debug, log, CallDepth)
-		_ = l.debug.Output(CallDepth, fmt.Sprintf(format, log.Messages...))
 	}
 }
 
 // Infof performs a Printf() on the info logger
 func (l *Stdlog) Infof(log Log) {
 	if l.level >= LevelInfo {
-		format := fmt.Sprintf("%s %s", log.directionPrefix(), log.Format)
+		logStdMessage(l.info, log, CallDepth)
-		_ = l.info.Output(CallDepth, fmt.Sprintf(format, log.Messages...))
 	}
 }
 
 // Warnf performs a Printf() on the warn logger
 func (l *Stdlog) Warnf(log Log) {
 	if l.level >= LevelWarn {
-		format := fmt.Sprintf("%s %s", log.directionPrefix(), log.Format)
+		logStdMessage(l.warn, log, CallDepth)
-		_ = l.warn.Output(CallDepth, fmt.Sprintf(format, log.Messages...))
 	}
 }
 
 // Errorf performs a Printf() on the error logger
 func (l *Stdlog) Errorf(log Log) {
 	if l.level >= LevelError {
-		format := fmt.Sprintf("%s %s", log.directionPrefix(), log.Format)
+		logStdMessage(l.err, log, CallDepth)
-		_ = l.err.Output(CallDepth, fmt.Sprintf(format, log.Messages...))
 	}
 }

smtp/auth_login.go

@@ -29,7 +29,7 @@ type loginAuth struct {
 // See: https://datatracker.ietf.org/doc/html/draft-murchison-sasl-login-00
 // Since there is no official standard RFC and we've seen different implementations
 // of this mechanism (sending "Username:", "Username", "username", "User name", etc.)
-// we follow the IETF-Draft and ignore any server challange to allow compatiblity
+// we follow the IETF-Draft and ignore any server challenge to allow compatibility
 // with most mail servers/providers.
 //
 // LoginAuth will only send the credentials if the connection is using TLS

smtp/smtp.go

@@ -54,6 +54,9 @@ type Client struct {
 	// auth supported auth mechanisms
 	auth []string
 
+	// authIsActive indicates that the Client is currently during SMTP authentication
+	authIsActive bool
+
 	// keep a reference to the connection so it can be used to create a TLS connection later
 	conn net.Conn
 
@@ -78,6 +81,9 @@ type Client struct {
 	// isConnected indicates if the Client has an active connection
 	isConnected bool
 
+	// logAuthData indicates if the Client should include SMTP authentication data in the logs
+	logAuthData bool
+
 	// localName is the name to use in HELO/EHLO
 	localName string // the name to use in HELO/EHLO
 
@@ -174,7 +180,15 @@ func (c *Client) Hello(localName string) error {
 func (c *Client) cmd(expectCode int, format string, args ...interface{}) (int, string, error) {
 	c.mutex.Lock()
 
-	c.debugLog(log.DirClientToServer, format, args...)
+	var logMsg []interface{}
+	logMsg = args
+	logFmt := format
+	if c.authIsActive {
+		logMsg = []interface{}{"<SMTP auth data redacted>"}
+		logFmt = "%s"
+	}
+	c.debugLog(log.DirClientToServer, logFmt, logMsg...)
+
 	id, err := c.Text.Cmd(format, args...)
 	if err != nil {
 		c.mutex.Unlock()
@@ -182,7 +196,13 @@ func (c *Client) cmd(expectCode int, format string, args ...interface{}) (int, s
 	}
 	c.Text.StartResponse(id)
 	code, msg, err := c.Text.ReadResponse(expectCode)
-	c.debugLog(log.DirServerToClient, "%d %s", code, msg)
+
+	logMsg = []interface{}{code, msg}
+	if c.authIsActive && code >= 300 && code <= 400 {
+		logMsg = []interface{}{code, "<SMTP auth data redacted>"}
+	}
+	c.debugLog(log.DirServerToClient, "%d %s", logMsg...)
+
 	c.Text.EndResponse(id)
 	c.mutex.Unlock()
 	return code, msg, err
@@ -256,6 +276,20 @@ func (c *Client) Auth(a Auth) error {
 	if err := c.hello(); err != nil {
 		return err
 	}
+
+	c.mutex.Lock()
+	if !c.logAuthData {
+		c.authIsActive = true
+	}
+	c.mutex.Unlock()
+	defer func() {
+		c.mutex.Lock()
+		if !c.logAuthData {
+			c.authIsActive = false
+		}
+		c.mutex.Unlock()
+	}()
+
 	encoding := base64.StdEncoding
 	mech, resp, err := a.Start(&ServerInfo{c.serverName, c.tls, c.auth})
 	if err != nil {
@@ -556,6 +590,13 @@ func (c *Client) SetLogger(l log.Logger) {
 	c.logger = l
 }
 
+// SetLogAuthData enables logging of authentication data in the Client.
+func (c *Client) SetLogAuthData() {
+	c.mutex.Lock()
+	c.logAuthData = true
+	c.mutex.Unlock()
+}
+
 // SetDSNMailReturnOption sets the DSN mail return option for the Mail method
 func (c *Client) SetDSNMailReturnOption(d string) {
 	c.dsnmrtype = d

smtp/smtp_test.go

@@ -1111,6 +1111,32 @@ func TestClient_SetLogger(t *testing.T) {
 	c.logger.Debugf(log.Log{Direction: log.DirServerToClient, Format: "%s", Messages: []interface{}{"test"}})
 }
 
+func TestClient_SetLogAuthData(t *testing.T) {
+	server := strings.Join(strings.Split(newClientServer, "\n"), "\r\n")
+
+	var cmdbuf strings.Builder
+	bcmdbuf := bufio.NewWriter(&cmdbuf)
+	out := func() string {
+		if err := bcmdbuf.Flush(); err != nil {
+			t.Errorf("failed to flush: %s", err)
+		}
+		return cmdbuf.String()
+	}
+	var fake faker
+	fake.ReadWriter = bufio.NewReadWriter(bufio.NewReader(strings.NewReader(server)), bcmdbuf)
+	c, err := NewClient(fake, "fake.host")
+	if err != nil {
+		t.Fatalf("NewClient: %v\n(after %v)", err, out())
+	}
+	defer func() {
+		_ = c.Close()
+	}()
+	c.SetLogAuthData()
+	if !c.logAuthData {
+		t.Error("Expected logAuthData to be true but received false")
+	}
+}
+
 var newClientServer = `220 hello world
 250-mx.google.com at your service
 250-SIZE 35651584
@@ -2137,7 +2163,7 @@ func SkipFlaky(t testing.TB, issue int) {
 }
 
 // testSCRAMSMTPServer represents a test server for SCRAM-based SMTP authentication.
-// It does not do any acutal computation of the challanges but verifies that the expected
+// It does not do any acutal computation of the challenges but verifies that the expected
 // fields are present. We have actual real authentication tests for all SCRAM modes in the
 // go-mail client_test.go
 type testSCRAMSMTPServer struct {