diff -r 8566a95a85be -r 6998c0e89536 doc/monit.pod --- a/doc/monit.pod Mon Feb 25 00:23:57 2013 +0400 +++ b/doc/monit.pod Mon Mar 04 18:55:04 2013 +0400 @@ -893,7 +893,8 @@ SET MAILSERVER {hostname|ip-address [PORT port] [USERNAME username] [PASSWORD password] - [using SSLV2|SSLV3|TLSV1] [CERTMD5 checksum]}+ + [using SSLV2|SSLV3|TLSV1] [CERTMD5 checksum] + [AUTH PLAIN|LOGIN]}+ [with TIMEOUT X SECONDS] [using HOSTNAME hostname] @@ -901,8 +902,13 @@ listening on port 25. If omitted, port 25 is used unless ssl or tls is used, in which case port 465 is used by default. -Monit support plain smtp authentication - you can set a username -and a password using the USERNAME and PASSWORD options. +Monit supports PLAIN or LOGIN methods of smtp authentication - you can +set a username and a password using the USERNAME and PASSWORD options. +Authentication method is selected using AUTH option. Default method is +AUTH PLAIN. + + set mailserver mail.foo.bar port 25 + username "Twas" password "Brillig" auth login To use secure communication, use the SSLV2, SSLV3 or TLSV1 options, you can also specify the server certificate checksum diff -r 8566a95a85be -r 6998c0e89536 src/l.l --- a/src/l.l Mon Feb 25 00:23:57 2013 +0400 +++ b/src/l.l Mon Mar 04 18:55:04 2013 +0400 @@ -163,6 +163,9 @@ address { return ADDRESS; } clientpemfile { return CLIENTPEMFILE; } allowselfcertification { return ALLOWSELFCERTIFICATION; } +auth { return AUTH; } +plain { return PLAIN; } +login { return LOGIN; } certmd5 { return CERTMD5; } pemfile { return PEMFILE; } init { return INIT; } diff -r 8566a95a85be -r 6998c0e89536 src/monit.h --- a/src/monit.h Mon Feb 25 00:23:57 2013 +0400 +++ b/src/monit.h Mon Mar 04 18:55:04 2013 +0400 @@ -122,6 +122,9 @@ #define SSL_TIMEOUT 15 #define SMTP_TIMEOUT 30 +#define SMTP_AUTH_PLAIN 0 +#define SMTP_AUTH_LOGIN 1 + #define START_DELAY 0 #define EXEC_TIMEOUT 30 #define PROGRAM_TIMEOUT 600 @@ -371,6 +374,7 @@ int port; /**< Server port */ char *username; /** < Username for SMTP_AUTH */ char *password; /** < Password for SMTP_AUTH */ + int auth; /** Type of SMTP AUTH */ Ssl_T ssl; /**< SSL definition */ /** For internal use */ diff -r 8566a95a85be -r 6998c0e89536 src/p.y --- a/src/p.y Mon Feb 25 00:23:57 2013 +0400 +++ b/src/p.y Mon Mar 04 18:55:04 2013 +0400 @@ -287,7 +287,7 @@ %token GROUP REQUEST DEPENDS BASEDIR SLOT EVENTQUEUE SECRET HOSTHEADER %token UID GID MMONIT INSTANCE USERNAME PASSWORD %token TIMESTAMP CHANGED SECOND MINUTE HOUR DAY -%token SSLAUTO SSLV2 SSLV3 TLSV1 CERTMD5 +%token SSLAUTO SSLV2 SSLV3 TLSV1 CERTMD5 AUTH PLAIN LOGIN %token BYTE KILOBYTE MEGABYTE GIGABYTE %token INODE SPACE PERMISSION SIZE MATCH NOT IGNORE ACTION UPTIME %token EXEC UNMONITOR ICMP ICMPECHO NONEXIST EXIST INVALID DATA RECOVERED PASSED SUCCEEDED @@ -626,7 +626,7 @@ | mailserverlist mailserver ; -mailserver : STRING username password sslversion certmd5 { +mailserver : STRING username password sslversion certmd5 smtpauth { /* Restore the current text overriden by lookahead */ FREE(argyytext); argyytext = Str_dup($1); @@ -636,6 +636,7 @@ mailserverset.username = $2; mailserverset.password = $3; mailserverset.ssl.version = $4; + mailserverset.auth = $6; if (mailserverset.ssl.version != SSL_VERSION_NONE) { mailserverset.ssl.use_ssl = TRUE; if (mailserverset.ssl.version == SSL_VERSION_SSLV2 || @@ -645,7 +646,7 @@ } addmailserver(&mailserverset); } - | STRING PORT NUMBER username password sslversion certmd5 { + | STRING PORT NUMBER username password sslversion certmd5 smtpauth { /* Restore the current text overriden by lookahead */ FREE(argyytext); argyytext = Str_dup($1); @@ -656,6 +657,7 @@ mailserverset.username = $4; mailserverset.password = $5; mailserverset.ssl.version = $6; + mailserverset.auth = $8; if (mailserverset.ssl.version != SSL_VERSION_NONE) { mailserverset.ssl.use_ssl = TRUE; mailserverset.ssl.certmd5 = $7; @@ -1014,6 +1016,11 @@ | SSLAUTO { $$ = SSL_VERSION_AUTO; } ; +smtpauth : /* EMPTY */ { $$ = SMTP_AUTH_PLAIN; } + | AUTH PLAIN { $$ = SMTP_AUTH_PLAIN; } + | AUTH LOGIN { $$ = SMTP_AUTH_LOGIN; } + ; + protocol : /* EMPTY */ { portset.protocol = Protocol_get(Protocol_DEFAULT); } @@ -2904,6 +2911,7 @@ s->password = mailserver->password; s->ssl.use_ssl = mailserver->ssl.use_ssl; s->ssl.version = mailserver->ssl.version; + s->auth = mailserver->auth; s->ssl.certmd5 = mailserver->ssl.certmd5; s->next = NULL; @@ -3244,6 +3252,7 @@ static void reset_mailserverset() { memset(&mailserverset, 0, sizeof(struct mymailserver)); mailserverset.port = PORT_SMTP; + mailserverset.auth = SMTP_AUTH_PLAIN; mailserverset.ssl.use_ssl = FALSE; mailserverset.ssl.version = SSL_VERSION_AUTO; } diff -r 8566a95a85be -r 6998c0e89536 src/sendmail.c --- a/src/sendmail.c Mon Feb 25 00:23:57 2013 +0400 +++ b/src/sendmail.c Mon Mar 04 18:55:04 2013 +0400 @@ -98,6 +98,7 @@ int port; const char *username; const char *password; + int auth; Ssl_T ssl; char localhost[STRLEN]; } SendMail_T; @@ -147,6 +148,7 @@ S->username = mta->username; S->password = mta->password; S->ssl = mta->ssl; + S->auth = mta->auth; } else { LogError("No mail servers are defined -- see manual for 'set mailserver' statement\n"); siglongjmp(S->error, SendmailStatus_ErrorOpen); @@ -166,6 +168,7 @@ S->username = mta->username; S->password = mta->password; S->ssl = mta->ssl; + S->auth = mta->auth; LogInfo("Trying the next mail server '%s:%i'\n", S->server, S->port); continue; } else { @@ -201,6 +204,8 @@ SendMail_T S; SendmailStatus_Type status = SendmailStatus_Ok; char *b64 = NULL; + char *username_b64 = NULL; + char *password_b64 = NULL; char now[STRLEN]; ASSERT(mail); @@ -229,10 +234,23 @@ /* Authenticate if possible */ if (S.username) { unsigned char buffer[STRLEN]; - int len = snprintf((char *)buffer, STRLEN, "%c%s%c%s", '\0', S.username, '\0', S.password?S.password:""); - b64 = encode_base64(len, buffer); - do_send(&S, "AUTH PLAIN %s\r\n", b64); - do_status(&S); + if (S.auth == SMTP_AUTH_PLAIN) { + int len = snprintf((char *)buffer, STRLEN, "%c%s%c%s", '\0', S.username, '\0', S.password?S.password:""); + b64 = encode_base64(len, buffer); + do_send(&S, "AUTH PLAIN %s\r\n", b64); + do_status(&S); + } else { + strcpy(buffer, S.username); + username_b64 = encode_base64(strlen(buffer), buffer); + strcpy(buffer, S.password ? S.password : ""); + password_b64 = encode_base64(strlen(buffer), buffer); + do_send(&S, "AUTH LOGIN\r\n"); + do_status(&S); + do_send(&S, "%s\r\n", username_b64); + do_status(&S); + do_send(&S, "%s\r\n", password_b64); + do_status(&S); + } } for (m = mail; m; m = m->next) { do_send(&S, "MAIL FROM: <%s>\r\n", m->from);