Added support for SMTP authentication (using AUTH LOGIN, PLAIN, and CRAM-MD5)

for outbound/relayed messages.

Added support for SMTP authentication (using AUTH LOGIN, PLAIN, and CRAM-MD5)
4443d93f · rswindell · 173dd1d3 · 4443d93f · 4443d93f · 4443d93f
Commit 4443d93f authored 20 years ago by rswindell
--- a/src/sbbs3/ini_opts.h
+++ b/src/sbbs3/ini_opts.h
@@ -121,6 +121,9 @@ static ini_bitdesc_t mail_options[] = {
 	{ MAIL_OPT_DNSBL_THROTTLE		,"DNSBL_THROTTLE"		},
 	{ MAIL_OPT_DNSBL_DEBUG			,"DNSBL_DEBUG"			},
 	{ MAIL_OPT_SEND_INTRANSIT		,"SEND_INTRANSIT"		},
+	{ MAIL_OPT_RELAY_AUTH_PLAIN		,"RELAY_AUTH_PLAIN"		},
+	{ MAIL_OPT_RELAY_AUTH_LOGIN		,"RELAY_AUTH_LOGIN"		},
+	{ MAIL_OPT_RELAY_AUTH_CRAM_MD5	,"RELAY_AUTH_CRAM_MD5"	},
 	{ MAIL_OPT_NO_RECYCLE			,"NO_RECYCLE"			},
 	{ MAIL_OPT_LOCAL_TIMEZONE		,"LOCAL_TIMEZONE"		},
 	{ MAIL_OPT_MUTE					,"MUTE"					},

--- a/src/sbbs3/mailsrvr.c
+++ b/src/sbbs3/mailsrvr.c
@@ -3353,8 +3353,14 @@ static void sendmail_thread(void* arg)
 	char		mx2[128];
 	char		err[1024];
 	char		buf[512];
+	char		str[128];
+	char		resp[512];
 	char		toaddr[256];
 	char		fromaddr[256];
+	char		challenge[256];
+	char		secret[64];
+	char		md5_data[384];
+	char		digest[MD5_DIGEST_SIZE];
 	char*		server;
 	char*		msgtxt=NULL;
 	char*		p;
@@ -3626,6 +3632,89 @@ static void sendmail_thread(void* arg)
 				bounce(&smb,&msg,err,buf[0]=='5');
 				continue;
 			}
+
+			/* AUTH */
+			if(startup->options&MAIL_OPT_RELAY_TX 
+				&& (startup->options&MAIL_OPT_RELAY_AUTH_MASK)!=0) {
+				switch(startup->options&MAIL_OPT_RELAY_AUTH_MASK) {
+					case MAIL_OPT_RELAY_AUTH_PLAIN:
+						p="PLAIN";
+						break;
+					case MAIL_OPT_RELAY_AUTH_LOGIN:
+						p="LOGIN";
+						break;
+					case MAIL_OPT_RELAY_AUTH_CRAM_MD5:
+						p="CRAM-MD5";
+						break;
+					default:
+						p="<unknown>";
+						break;
+				}
+				sockprintf(sock,"AUTH %s",p);
+				if(!sockgetrsp(sock,"334",buf,sizeof(buf))) {
+					SAFEPRINTF3(err,badrsp_err,server,buf,"334 Username/Challenge");
+					bounce(&smb,&msg,err,buf[0]=='5');
+					continue;
+				}
+				switch(startup->options&MAIL_OPT_RELAY_AUTH_MASK) {
+					case MAIL_OPT_RELAY_AUTH_PLAIN:
+						p=startup->relay_user;
+						break;
+					case MAIL_OPT_RELAY_AUTH_LOGIN:
+						b64_encode(p=resp,sizeof(resp),startup->relay_user,0);
+						break;
+					case MAIL_OPT_RELAY_AUTH_CRAM_MD5:
+						p=buf;
+						FIND_WHITESPACE(p);
+						SKIP_WHITESPACE(p);
+						b64_decode(challenge,sizeof(challenge),p,0);
+
+						/* Calculate response */
+						memset(secret,0,sizeof(secret));
+						SAFECOPY(secret,startup->relay_pass);
+						for(i=0;i<sizeof(secret);i++)
+							md5_data[i]=secret[i]^0x36;	/* ipad */
+						strcpy(md5_data+i,challenge);
+						MD5_calc(digest,md5_data,sizeof(secret)+strlen(challenge));
+						for(i=0;i<sizeof(secret);i++)
+							md5_data[i]=secret[i]^0x5c;	/* opad */
+						memcpy(md5_data+i,digest,sizeof(digest));
+						MD5_calc(digest,md5_data,sizeof(secret)+sizeof(digest));
+						
+						safe_snprintf(buf,sizeof(buf),"%s %s",startup->relay_user,MD5_hex(str,digest));
+						b64_encode(p=resp,sizeof(resp),buf,0);
+						break;
+					default:
+						p="<unknown>";
+						break;
+				}
+				sockprintf(sock,"%s",p);
+				if((startup->options&MAIL_OPT_RELAY_AUTH_MASK)!=MAIL_OPT_RELAY_AUTH_CRAM_MD5) {
+					if(!sockgetrsp(sock,"334",buf,sizeof(buf))) {
+						SAFEPRINTF3(err,badrsp_err,server,buf,"334 Password");
+						bounce(&smb,&msg,err,buf[0]=='5');
+						continue;
+					}
+					switch(startup->options&MAIL_OPT_RELAY_AUTH_MASK) {
+						case MAIL_OPT_RELAY_AUTH_PLAIN:
+							p=startup->relay_pass;
+							break;
+						case MAIL_OPT_RELAY_AUTH_LOGIN:
+							b64_encode(p=buf,sizeof(buf),startup->relay_pass,0);
+							break;
+						default:
+							p="<unknown>";
+							break;
+					}
+					sockprintf(sock,"%s",p);
+				}
+				if(!sockgetrsp(sock,"235",buf,sizeof(buf))) {
+					SAFEPRINTF3(err,badrsp_err,server,buf,"235");
+					bounce(&smb,&msg,err,buf[0]=='5');
+					continue;
+				}
+			}
+
 			/* MAIL */
 			if(msg.from_net.type==NET_INTERNET && msg.reverse_path!=NULL)
 				SAFECOPY(fromaddr,msg.reverse_path);

--- a/src/sbbs3/mailsrvr.h
+++ b/src/sbbs3/mailsrvr.h
@@ -74,9 +74,8 @@ typedef struct {
    BOOL	(*seteuid)(BOOL user);
 	BOOL	(*setuid)(BOOL force);

-	/* Paths */
+	/* Strings */
    char    ctrl_dir[128];
-    char	relay_server[128];
    char	dns_server[128];
    char	default_user[128];
    char	dnsbl_tag[32];		// Tag to add to blacklisted subject
@@ -92,32 +91,43 @@ typedef struct {
 	sem_t	recycle_sem;
 	DWORD	log_mask;

+	/* Relay Server */
+    char	relay_server[128];
+	/* Relay authentication required */
+	char	relay_user[128];
+	char	relay_pass[128];
+
 } mail_startup_t;

-#define MAIL_OPT_DEBUG_RX_HEADER	(1<<0)
-#define MAIL_OPT_DEBUG_RX_BODY		(1<<1)
-#define MAIL_OPT_ALLOW_POP3			(1<<2)
-#define MAIL_OPT_DEBUG_TX			(1<<3)
-#define MAIL_OPT_DEBUG_RX_RSP		(1<<4)
-#define MAIL_OPT_RELAY_TX			(1<<5)	/* Use SMTP relay server */
-#define MAIL_OPT_DEBUG_POP3			(1<<6)
-#define MAIL_OPT_ALLOW_RX_BY_NUMBER	(1<<7)	/* Allow mail sent to user # */
-#define MAIL_OPT_NO_NOTIFY			(1<<8)	/* Don't notify local recipients */
-#define MAIL_OPT_NO_HOST_LOOKUP		(1<<11)	/* Don't look-up hostnames */
-#define MAIL_OPT_USE_TCP_DNS		(1<<12)	/* Use TCP vs UDP for DNS req */
-#define MAIL_OPT_NO_SENDMAIL		(1<<13)	/* Don't run SendMail thread */
-#define MAIL_OPT_ALLOW_RELAY		(1<<14)	/* Allow relays from stored user IPs */
-#define MAIL_OPT_DNSBL_REFUSE		(1<<15) /* Refuse session, return error */
-#define MAIL_OPT_DNSBL_IGNORE		(1<<16) /* Dump mail, return success */
-#define MAIL_OPT_DNSBL_BADUSER		(1<<17) /* Refuse mail (bad user name) */
-#define MAIL_OPT_DNSBL_CHKRECVHDRS	(1<<18)	/* Check all Recieved: from addresses */
-#define MAIL_OPT_DNSBL_THROTTLE		(1<<19)	/* Throttle receive from blacklisted servers */
-#define MAIL_OPT_DNSBL_DEBUG		(1<<20) /* Debug DNSBL activity */
-#define MAIL_OPT_SMTP_AUTH_VIA_IP	(1<<21)	/* Allow SMTP authentication via IP */
-#define MAIL_OPT_SEND_INTRANSIT		(1<<22)	/* Send mail, even if already "in transit" */
-#define MAIL_OPT_NO_RECYCLE			(1<<27)	/* Disable recycling of server		*/
-#define MAIL_OPT_LOCAL_TIMEZONE		(1<<30)	/* Don't force UTC/GMT */
-#define MAIL_OPT_MUTE				(1<<31)
+#define MAIL_OPT_DEBUG_RX_HEADER		(1<<0)
+#define MAIL_OPT_DEBUG_RX_BODY			(1<<1)
+#define MAIL_OPT_ALLOW_POP3				(1<<2)
+#define MAIL_OPT_DEBUG_TX				(1<<3)
+#define MAIL_OPT_DEBUG_RX_RSP			(1<<4)
+#define MAIL_OPT_RELAY_TX				(1<<5)	/* Use SMTP relay server */
+#define MAIL_OPT_DEBUG_POP3				(1<<6)
+#define MAIL_OPT_ALLOW_RX_BY_NUMBER		(1<<7)	/* Allow mail sent to user # */
+#define MAIL_OPT_NO_NOTIFY				(1<<8)	/* Don't notify local recipients */
+#define MAIL_OPT_NO_HOST_LOOKUP			(1<<11)	/* Don't look-up hostnames */
+#define MAIL_OPT_USE_TCP_DNS			(1<<12)	/* Use TCP vs UDP for DNS req */
+#define MAIL_OPT_NO_SENDMAIL			(1<<13)	/* Don't run SendMail thread */
+#define MAIL_OPT_ALLOW_RELAY			(1<<14)	/* Allow relays from stored user IPs */
+#define MAIL_OPT_DNSBL_REFUSE			(1<<15) /* Refuse session, return error */
+#define MAIL_OPT_DNSBL_IGNORE			(1<<16) /* Dump mail, return success */
+#define MAIL_OPT_DNSBL_BADUSER			(1<<17) /* Refuse mail (bad user name) */
+#define MAIL_OPT_DNSBL_CHKRECVHDRS		(1<<18)	/* Check all Recieved: from addresses */
+#define MAIL_OPT_DNSBL_THROTTLE			(1<<19)	/* Throttle receive from blacklisted servers */
+#define MAIL_OPT_DNSBL_DEBUG			(1<<20) /* Debug DNSBL activity */
+#define MAIL_OPT_SMTP_AUTH_VIA_IP		(1<<21)	/* Allow SMTP authentication via IP */
+#define MAIL_OPT_SEND_INTRANSIT			(1<<22)	/* Send mail, even if already "in transit" */
+#define MAIL_OPT_RELAY_AUTH_PLAIN		(1<<23)
+#define MAIL_OPT_RELAY_AUTH_LOGIN		(1<<24)
+#define MAIL_OPT_RELAY_AUTH_CRAM_MD5	(1<<25)
+#define MAIL_OPT_NO_RECYCLE				(1<<27)	/* Disable recycling of server		*/
+#define MAIL_OPT_LOCAL_TIMEZONE			(1<<30)	/* Don't force UTC/GMT */
+#define MAIL_OPT_MUTE					(1<<31)
+
+#define MAIL_OPT_RELAY_AUTH_MASK		(MAIL_OPT_RELAY_AUTH_PLAIN|MAIL_OPT_RELAY_AUTH_LOGIN|MAIL_OPT_RELAY_AUTH_CRAM_MD5)

 #ifdef DLLEXPORT
 #undef DLLEXPORT

--- a/src/sbbs3/sbbs_ini.c
+++ b/src/sbbs3/sbbs_ini.c
@@ -312,6 +312,11 @@ void sbbs_read_ini(

 		SAFECOPY(mail->relay_server
 			,iniGetString(fp,section,"RelayServer",mail->relay_server,value));
+		SAFECOPY(mail->relay_user
+			,iniGetString(fp,section,"RelayUsername",mail->relay_user,value));
+		SAFECOPY(mail->relay_pass
+			,iniGetString(fp,section,"RelayPassword",mail->relay_pass,value));
+
 		SAFECOPY(mail->dns_server
 			,iniGetString(fp,section,"DNSServer",mail->dns_server,value));

@@ -703,6 +708,11 @@ BOOL sbbs_write_ini(

 		if(!iniSetString(lp,section,"RelayServer",mail->relay_server,&style))
 			break;
+		if(!iniSetString(lp,section,"RelayUsername",mail->relay_user,&style))
+			break;
+		if(!iniSetString(lp,section,"RelayPassword",mail->relay_pass,&style))
+			break;
+
 		if(!iniSetString(lp,section,"DNSServer",mail->dns_server,&style))
 			break;