package auth import ( "bytes" "net/smtp" "testing" ) func TestAuth(t *testing.T) { type authTest struct { auth smtp.Auth challenges []string name string responses []string shouldfail []bool } authTests := []authTest{ {LoginAuth("user", "pass", "testserver"), []string{"Username:", "Password:", "2.7.0 Authentication successful", "Invalid:"}, "LOGIN", []string{"", "user", "pass", "", ""}, []bool{false, false, false, true}}, } testLoop: for i, test := range authTests { name, resp, err := test.auth.Start(&smtp.ServerInfo{Name: "testserver", TLS: true, Auth: nil}) if name != test.name { t.Errorf("#%d got name %s, expected %s", i, name, test.name) } if !bytes.Equal(resp, []byte(test.responses[0])) { t.Errorf("#%d got response %s, expected %s", i, resp, test.responses[0]) } if err != nil { t.Errorf("#%d error: %s", i, err) } for j := range test.challenges { challenge := []byte(test.challenges[j]) expected := []byte(test.responses[j+1]) resp, err := test.auth.Next(challenge, true) if err != nil && !test.shouldfail[j] { t.Errorf("#%d error: %s", i, err) continue testLoop } if !bytes.Equal(resp, expected) { t.Errorf("#%d got %s, expected %s", i, resp, expected) continue testLoop } } } } func TestAuthLogin(t *testing.T) { tests := []struct { authName string server *smtp.ServerInfo err string }{ { authName: "servername", server: &smtp.ServerInfo{Name: "servername", TLS: true}, }, { // OK to use LoginAuth on localhost without TLS authName: "localhost", server: &smtp.ServerInfo{Name: "localhost", TLS: false}, }, { // NOT OK on non-localhost, even if server says PLAIN is OK. // (We don't know that the server is the real server.) authName: "servername", server: &smtp.ServerInfo{Name: "servername", Auth: []string{"PLAIN"}}, err: "unencrypted connection", }, { authName: "servername", server: &smtp.ServerInfo{Name: "servername", Auth: []string{"CRAM-MD5"}}, err: "unencrypted connection", }, { authName: "servername", server: &smtp.ServerInfo{Name: "attacker", TLS: true}, err: "wrong host name", }, } for i, tt := range tests { auth := LoginAuth("foo", "bar", tt.authName) _, _, err := auth.Start(tt.server) got := "" if err != nil { got = err.Error() } if got != tt.err { t.Errorf("%d. got error = %q; want %q", i, got, tt.err) } } }