Add ntlm authentication support for mail (#23811)
Add ntlm authentication support for mail use "github.com/Azure/go-ntlmssp" --------- Co-authored-by: yangtan_win <YangTan@Fitsco.com.cn> Co-authored-by: silverwind <me@silverwind.io>
This commit is contained in:
parent
bcdd3c30af
commit
8be6da3e2f
2
go.mod
2
go.mod
@ -14,6 +14,7 @@ require (
|
|||||||
gitea.com/lunny/dingtalk_webhook v0.0.0-20171025031554-e3534c89ef96
|
gitea.com/lunny/dingtalk_webhook v0.0.0-20171025031554-e3534c89ef96
|
||||||
gitea.com/lunny/levelqueue v0.4.2-0.20220729054728-f020868cc2f7
|
gitea.com/lunny/levelqueue v0.4.2-0.20220729054728-f020868cc2f7
|
||||||
github.com/42wim/sshsig v0.0.0-20211121163825-841cf5bbc121
|
github.com/42wim/sshsig v0.0.0-20211121163825-841cf5bbc121
|
||||||
|
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358
|
||||||
github.com/NYTimes/gziphandler v1.1.1
|
github.com/NYTimes/gziphandler v1.1.1
|
||||||
github.com/PuerkitoBio/goquery v1.8.0
|
github.com/PuerkitoBio/goquery v1.8.0
|
||||||
github.com/alecthomas/chroma/v2 v2.5.0
|
github.com/alecthomas/chroma/v2 v2.5.0
|
||||||
@ -127,7 +128,6 @@ require (
|
|||||||
cloud.google.com/go/compute v1.18.0 // indirect
|
cloud.google.com/go/compute v1.18.0 // indirect
|
||||||
cloud.google.com/go/compute/metadata v0.2.3 // indirect
|
cloud.google.com/go/compute/metadata v0.2.3 // indirect
|
||||||
git.sr.ht/~mariusor/go-xsd-duration v0.0.0-20220703122237-02e73435a078 // indirect
|
git.sr.ht/~mariusor/go-xsd-duration v0.0.0-20220703122237-02e73435a078 // indirect
|
||||||
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
|
|
||||||
github.com/Masterminds/goutils v1.1.1 // indirect
|
github.com/Masterminds/goutils v1.1.1 // indirect
|
||||||
github.com/Masterminds/semver/v3 v3.2.0 // indirect
|
github.com/Masterminds/semver/v3 v3.2.0 // indirect
|
||||||
github.com/Masterminds/sprig/v3 v3.2.3 // indirect
|
github.com/Masterminds/sprig/v3 v3.2.3 // indirect
|
||||||
|
@ -26,6 +26,7 @@ import (
|
|||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
"code.gitea.io/gitea/modules/templates"
|
"code.gitea.io/gitea/modules/templates"
|
||||||
|
|
||||||
|
ntlmssp "github.com/Azure/go-ntlmssp"
|
||||||
"github.com/jaytaylor/html2text"
|
"github.com/jaytaylor/html2text"
|
||||||
"gopkg.in/gomail.v2"
|
"gopkg.in/gomail.v2"
|
||||||
)
|
)
|
||||||
@ -145,6 +146,35 @@ func (a *loginAuth) Next(fromServer []byte, more bool) ([]byte, error) {
|
|||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type ntlmAuth struct {
|
||||||
|
username, password, domain string
|
||||||
|
domainNeeded bool
|
||||||
|
}
|
||||||
|
|
||||||
|
// NtlmAuth SMTP AUTH NTLM Auth Handler
|
||||||
|
func NtlmAuth(username, password string) smtp.Auth {
|
||||||
|
user, domain, domainNeeded := ntlmssp.GetDomain(username)
|
||||||
|
return &ntlmAuth{user, password, domain, domainNeeded}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Start starts SMTP NTLM Auth
|
||||||
|
func (a *ntlmAuth) Start(server *smtp.ServerInfo) (string, []byte, error) {
|
||||||
|
negotiateMessage, err := ntlmssp.NewNegotiateMessage(a.domain, "")
|
||||||
|
return "NTLM", negotiateMessage, err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Next next step of SMTP ntlm auth
|
||||||
|
func (a *ntlmAuth) Next(fromServer []byte, more bool) ([]byte, error) {
|
||||||
|
if more {
|
||||||
|
if len(fromServer) == 0 {
|
||||||
|
return nil, fmt.Errorf("ntlm ChallengeMessage is empty")
|
||||||
|
}
|
||||||
|
authenticateMessage, err := ntlmssp.ProcessChallenge(fromServer, a.username, a.password, a.domainNeeded)
|
||||||
|
return authenticateMessage, err
|
||||||
|
}
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
|
||||||
// Sender SMTP mail sender
|
// Sender SMTP mail sender
|
||||||
type smtpSender struct{}
|
type smtpSender struct{}
|
||||||
|
|
||||||
@ -237,6 +267,8 @@ func (s *smtpSender) Send(from string, to []string, msg io.WriterTo) error {
|
|||||||
} else if strings.Contains(options, "LOGIN") {
|
} else if strings.Contains(options, "LOGIN") {
|
||||||
// Patch for AUTH LOGIN
|
// Patch for AUTH LOGIN
|
||||||
auth = LoginAuth(opts.User, opts.Passwd)
|
auth = LoginAuth(opts.User, opts.Passwd)
|
||||||
|
} else if strings.Contains(options, "NTLM") {
|
||||||
|
auth = NtlmAuth(opts.User, opts.Passwd)
|
||||||
}
|
}
|
||||||
|
|
||||||
if auth != nil {
|
if auth != nil {
|
||||||
|
Loading…
Reference in New Issue
Block a user