From 59c708d85170244340328adcc6ae9a0cb25590bd Mon Sep 17 00:00:00 2001 From: yangtan_win Date: Thu, 30 Mar 2023 13:20:56 +0800 Subject: [PATCH 1/6] Add ntlm authentication support for mail --- services/mailer/mailer.go | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/services/mailer/mailer.go b/services/mailer/mailer.go index 91cc8cb405e0b..46cbd35b960a5 100644 --- a/services/mailer/mailer.go +++ b/services/mailer/mailer.go @@ -26,6 +26,7 @@ import ( "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/templates" + ntlmssp "github.com/Azure/go-ntlmssp" "github.com/jaytaylor/html2text" "gopkg.in/gomail.v2" ) @@ -145,6 +146,36 @@ func (a *loginAuth) Next(fromServer []byte, more bool) ([]byte, error) { return nil, nil } +type ntlmAuth struct { + username, password, domain string + domainNeeded bool +} + +// NtlmAuth SMTP AUTH NTLM Auth Handler +func NtlmAuth(username, password string) smtp.Auth { + user, domain, domainNeeded := ntlmssp.GetDomain(username) + return &ntlmAuth{user, password, domain, domainNeeded} +} + +// Start start SMTP ntlm auth +func (a *ntlmAuth) Start(server *smtp.ServerInfo) (string, []byte, error) { + negotiateMessage, err := ntlmssp.NewNegotiateMessage(a.domain, "") + return "NTLM", negotiateMessage, err +} + +// Next next step of SMTP ntlm auth +func (a *ntlmAuth) Next(fromServer []byte, more bool) ([]byte, error) { + if more { + if len(fromServer) == 0 { + return nil, fmt.Errorf("ChallengeMessage is empty. ") + } else { + authenticateMessage, err := ntlmssp.ProcessChallenge(fromServer, a.username, a.password, a.domainNeeded) + return authenticateMessage, err + } + } + return nil, nil +} + // Sender SMTP mail sender type smtpSender struct{} @@ -237,6 +268,8 @@ func (s *smtpSender) Send(from string, to []string, msg io.WriterTo) error { } else if strings.Contains(options, "LOGIN") { // Patch for AUTH LOGIN auth = LoginAuth(opts.User, opts.Passwd) + } else if strings.Contains(options, "NTLM") { + auth = NtlmAuth(opts.User, opts.Passwd) } if auth != nil { From e433048c603639aaa126175a9d6a03ba18b90a70 Mon Sep 17 00:00:00 2001 From: yangtan <18089264201@163.com> Date: Tue, 4 Apr 2023 14:20:41 +0800 Subject: [PATCH 2/6] Optimize the code based on the golangci-lint result and run make tidy --- go.mod | 2 +- services/mailer/mailer.go | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index ba7ab27c193e7..ae9f2a98c4304 100644 --- a/go.mod +++ b/go.mod @@ -14,6 +14,7 @@ require ( gitea.com/lunny/dingtalk_webhook v0.0.0-20171025031554-e3534c89ef96 gitea.com/lunny/levelqueue v0.4.2-0.20220729054728-f020868cc2f7 github.com/42wim/sshsig v0.0.0-20211121163825-841cf5bbc121 + github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 github.com/NYTimes/gziphandler v1.1.1 github.com/PuerkitoBio/goquery v1.8.0 github.com/alecthomas/chroma/v2 v2.5.0 @@ -125,7 +126,6 @@ require ( cloud.google.com/go/compute v1.18.0 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect git.sr.ht/~mariusor/go-xsd-duration v0.0.0-20220703122237-02e73435a078 // indirect - github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/semver/v3 v3.2.0 // indirect github.com/Masterminds/sprig/v3 v3.2.3 // indirect diff --git a/services/mailer/mailer.go b/services/mailer/mailer.go index 46cbd35b960a5..cd7cef4f12305 100644 --- a/services/mailer/mailer.go +++ b/services/mailer/mailer.go @@ -168,10 +168,9 @@ func (a *ntlmAuth) Next(fromServer []byte, more bool) ([]byte, error) { if more { if len(fromServer) == 0 { return nil, fmt.Errorf("ChallengeMessage is empty. ") - } else { - authenticateMessage, err := ntlmssp.ProcessChallenge(fromServer, a.username, a.password, a.domainNeeded) - return authenticateMessage, err } + authenticateMessage, err := ntlmssp.ProcessChallenge(fromServer, a.username, a.password, a.domainNeeded) + return authenticateMessage, err } return nil, nil } From 8b2873f10d170a002472e7caf4930cc82e69a260 Mon Sep 17 00:00:00 2001 From: silverwind Date: Wed, 12 Apr 2023 15:45:35 +0200 Subject: [PATCH 3/6] Update services/mailer/mailer.go --- services/mailer/mailer.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/mailer/mailer.go b/services/mailer/mailer.go index cd7cef4f12305..bcae7bd3d1176 100644 --- a/services/mailer/mailer.go +++ b/services/mailer/mailer.go @@ -157,7 +157,7 @@ func NtlmAuth(username, password string) smtp.Auth { return &ntlmAuth{user, password, domain, domainNeeded} } -// Start start SMTP ntlm auth +// Start starts SMTP NTLM Auth func (a *ntlmAuth) Start(server *smtp.ServerInfo) (string, []byte, error) { negotiateMessage, err := ntlmssp.NewNegotiateMessage(a.domain, "") return "NTLM", negotiateMessage, err From 3db9c62fc5cc846ada35bef04f38b83e9e30d26d Mon Sep 17 00:00:00 2001 From: silverwind Date: Wed, 12 Apr 2023 15:45:43 +0200 Subject: [PATCH 4/6] Update services/mailer/mailer.go --- services/mailer/mailer.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/mailer/mailer.go b/services/mailer/mailer.go index bcae7bd3d1176..dedefccddec13 100644 --- a/services/mailer/mailer.go +++ b/services/mailer/mailer.go @@ -167,7 +167,7 @@ func (a *ntlmAuth) Start(server *smtp.ServerInfo) (string, []byte, error) { func (a *ntlmAuth) Next(fromServer []byte, more bool) ([]byte, error) { if more { if len(fromServer) == 0 { - return nil, fmt.Errorf("ChallengeMessage is empty. ") + return nil, fmt.Errorf("NTLM ChallengeMessage is empty.") } authenticateMessage, err := ntlmssp.ProcessChallenge(fromServer, a.username, a.password, a.domainNeeded) return authenticateMessage, err From c67158b60d42fc591144b2f943c4d759df0ffb7c Mon Sep 17 00:00:00 2001 From: silverwind Date: Sat, 22 Apr 2023 23:51:49 +0200 Subject: [PATCH 5/6] Update services/mailer/mailer.go --- services/mailer/mailer.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/mailer/mailer.go b/services/mailer/mailer.go index dedefccddec13..4ee526bbb0aa1 100644 --- a/services/mailer/mailer.go +++ b/services/mailer/mailer.go @@ -167,7 +167,7 @@ func (a *ntlmAuth) Start(server *smtp.ServerInfo) (string, []byte, error) { func (a *ntlmAuth) Next(fromServer []byte, more bool) ([]byte, error) { if more { if len(fromServer) == 0 { - return nil, fmt.Errorf("NTLM ChallengeMessage is empty.") + return nil, fmt.Errorf("ntlm ChallengeMessage is empty.") } authenticateMessage, err := ntlmssp.ProcessChallenge(fromServer, a.username, a.password, a.domainNeeded) return authenticateMessage, err From 61db78b56408b13843d007d645e9eaf8533ed0f3 Mon Sep 17 00:00:00 2001 From: silverwind Date: Tue, 2 May 2023 16:00:55 +0200 Subject: [PATCH 6/6] Fix lint --- services/mailer/mailer.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/mailer/mailer.go b/services/mailer/mailer.go index 4ee526bbb0aa1..3d878b7c8c341 100644 --- a/services/mailer/mailer.go +++ b/services/mailer/mailer.go @@ -167,7 +167,7 @@ func (a *ntlmAuth) Start(server *smtp.ServerInfo) (string, []byte, error) { func (a *ntlmAuth) Next(fromServer []byte, more bool) ([]byte, error) { if more { if len(fromServer) == 0 { - return nil, fmt.Errorf("ntlm ChallengeMessage is empty.") + return nil, fmt.Errorf("ntlm ChallengeMessage is empty") } authenticateMessage, err := ntlmssp.ProcessChallenge(fromServer, a.username, a.password, a.domainNeeded) return authenticateMessage, err