Browse Source

Authentication checker converted to store passwords as bcrypt hashes

tags/v1.2.0
Bernhard Fröhlich 7 months ago
parent
commit
76a04a2001
Signed by: Bernhard Froehlich <decke@bluelife.at> GPG Key ID: 4DD88C3F9F3B8333
4 changed files with 9 additions and 3 deletions
  1. 1
    0
      go.mod
  2. 2
    0
      go.sum
  3. 5
    2
      main.go
  4. 1
    1
      smtp-proxy.ini

+ 1
- 0
go.mod View File

@@ -3,4 +3,5 @@ module code.bluelife.at/decke/smtp-proxy
require (
github.com/chrj/smtpd v0.1.2
github.com/vharitonsky/iniflags v0.0.0-20180513140207-a33cd0b5f3de
golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9
)

+ 2
- 0
go.sum View File

@@ -3,3 +3,5 @@ github.com/chrj/smtpd v0.1.2/go.mod h1:jt4ydELuZmqhn9hn3YpEPV1dY00aOB+Q1nWXnBDFK
github.com/eaigner/dkim v0.0.0-20150301120808-6fe4a7ee9cfb/go.mod h1:FSCIHbrqk7D01Mj8y/jW+NS1uoCerr+ad+IckTHTFf4=
github.com/vharitonsky/iniflags v0.0.0-20180513140207-a33cd0b5f3de h1:fkw+7JkxF3U1GzQoX9h69Wvtvxajo5Rbzy6+YMMzPIg=
github.com/vharitonsky/iniflags v0.0.0-20180513140207-a33cd0b5f3de/go.mod h1:irMhzlTz8+fVFj6CH2AN2i+WI5S6wWFtK3MBCIxIpyI=
golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9 h1:mKdxBk7AujPs8kU4m80U72y/zjbZ3UcXC7dClwKbUI0=
golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=

+ 5
- 2
main.go View File

@@ -16,6 +16,7 @@ import (

"github.com/chrj/smtpd"
"github.com/vharitonsky/iniflags"
"golang.org/x/crypto/bcrypt"
)

const (
@@ -113,8 +114,10 @@ func authChecker(peer smtpd.Peer, username string, password string) error {
continue
}

if username == parts[0] && password == parts[1] {
return nil
if username == parts[0] {
if bcrypt.CompareHashAndPassword([]byte(parts[1]), []byte(password)) == nil {
return nil
}
}
}


+ 1
- 1
smtp-proxy.ini View File

@@ -37,7 +37,7 @@

; File which contains username and password used for
; authentication before they can send mail.
; File format: username password
; File format: username bcrypt-hash
;allowed_users =

; Relay all mails to this SMTP server

Loading…
Cancel
Save