[Gambas-user] More authentication methods for gb.net.smtp

Sun, 29 Nov 2015 09:56:52 -0800 

Hi Benoit,

at present gb.net.smtp supports only AUTH PLAIN as authentication method.
Hans Lehmann has modified the component to include AUTH LOGIN and CRAM-MD5.
He said he tested it with his Freenet mail account which, in particular,
supports CRAM-MD5.

I have just corrected some logic errors in code flow (if one authentication
method does not work, try the next, until one succeeds or we have no more
methods available). Otherwise I have no clue about SMTP.

Would you please review the attached patch and commit if it is good? You
can apply the patch via IDE when you open the gb.net.smtp project.

Regards,
Tobi

-- 
"There's an old saying: Don't change anything... ever!" -- Mr. Monk

diff -urNaX /tmp/gambas-patch-ignore a/.src/SmtpClient.class b/.src/SmtpClient.class
--- a/.src/SmtpClient.class	2015-08-30 15:55:42.000000000 +0200
+++ b/.src/SmtpClient.class	2015-11-29 18:38:25.000000000 +0100
@@ -309,21 +309,54 @@
 End
 
 Private Sub Authenticate()
-  
-  Dim sData As String
-  
+
+  Dim sChallenge64, sChallenge, sKey, sCommand, sResponse, sDigestHex As String
+
   If Not $sUser Then Return
-  
-  sData = $hSession.Send("AUTH PLAIN")
-  If $hSession.LastCode <> "334" Then Error.Raise("Unsupported authentication method")
-  
-  sData = $hSession.Send(Base64$($sUser & Chr$(0) & $sUser & Chr$(0) & $sPassword), True)
-  If $hSession.LastCode <> "235" Then Error.Raise("Authentication failed")
-  
+
+  ' AUTH LOGIN
+  $hSession.Send("AUTH LOGIN")
+  If $hSession.LastCode = "334" Then
+    $hSession.Send(Base64$($sUser))
+    If $hSession.LastCode = "334" Then
+      $hSession.Send(Base64$($sPassword))
+      If $hSession.LastCode = "235" Then Return
+    Endif
+  Endif
+
+  ' AUTH PLAIN
+  $hSession.Send("AUTH PLAIN")
+  If $hSession.LastCode <> "334" Then
+    $hSession.Send("AUTH PLAIN " & Base64$($sUser & Chr$(0) & $sUser & Chr$(0) & $sPassword), True)
+  Else
+    $hSession.Send(Base64$($sUser & Chr$(0) & $sUser & Chr$(0) & $sPassword), True)
+  Endif
+  If $hSession.LastCode = "235" Then Return
+
+  ' CRAM-MD5
+  $hSession.Send("AUTH CRAM-MD5")
+  If $hSession.LastCode = "334" Then Print "LastAnswer = "; $hSession.LastAnswer
+
+  sChallenge64 = Split($hSession.LastAnswer, " ")[1]
+  sChallenge = UnBase64(sChallenge64)
+  sKey = $sPassword
+
+  sCommand = "echo -n '" & sChallenge & "' | openssl md5 -hmac " & "'" & sKey & "'"
+  Shell sCommand To sDigestHex
+
+  sDigestHex = Split(Trim(sDigestHex), "=")[1]
+  sResponse = Base64($sUser & sDigestHex)
+
+  $hSession.Send(sResponse)
+  If $hSession.LastCode = "235" Then Return
+
+  ' Nothing worked?
+  Error.Raise("Authentication failed")
+
 Catch
-  
+
   Error.Raise("Unable to authenticate: " & Error.Text)
-  
+
 End
 
 Private Sub SendRecipients()

------------------------------------------------------------------------------

_______________________________________________
Gambas-user mailing list
Gambas-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/gambas-user

Reply via email to