From 20161427471f9d113f918e03c92714e23d8a3ff1 Mon Sep 17 00:00:00 2001
From: James Hillyerd <james@hillyerd.com>
Date: Sat, 31 Jul 2021 10:38:48 -0700
Subject: [PATCH] smtp: allow empty user & pass during AUTH LOGIN (#225)

---
 pkg/server/smtp/handler.go      | 12 ++----------
 pkg/server/smtp/handler_test.go | 10 +++++++---
 2 files changed, 9 insertions(+), 13 deletions(-)

diff --git a/pkg/server/smtp/handler.go b/pkg/server/smtp/handler.go
index c6478c4..3162b62 100644
--- a/pkg/server/smtp/handler.go
+++ b/pkg/server/smtp/handler.go
@@ -311,21 +311,13 @@ func parseHelloArgument(arg string) (string, error) {
 }
 
 func (s *Session) loginHandler(line string) {
-	if len(line) == 0 {
-		s.send("500 Invalid username")
-		s.enterState(READY)
-		return
-	}
+	// Content and length of username is ignored.
 	s.send(fmt.Sprintf("334 %v", passwordChallenge))
 	s.enterState(PASSWORD)
 }
 
 func (s *Session) passwordHandler(line string) {
-	if len(line) == 0 {
-		s.send("500 Invalid password")
-		s.enterState(READY)
-		return
-	}
+	// Content and length of password is ignored.
 	s.send("235 Authentication successful")
 	s.enterState(READY)
 }
diff --git a/pkg/server/smtp/handler_test.go b/pkg/server/smtp/handler_test.go
index 1e324b3..4e505df 100644
--- a/pkg/server/smtp/handler_test.go
+++ b/pkg/server/smtp/handler_test.go
@@ -138,9 +138,13 @@ func TestAuth(t *testing.T) {
 	// LOGIN AUTH
 	script = []scriptStep{
 		{"EHLO localhost", 250},
-		{"AUTH LOGIN", 334},
-		{"USERNAME", 334},
-		{"PASSWORD", 235},
+		{"AUTH LOGIN", 334}, // Test with user/pass present.
+		{"username", 334},
+		{"password", 235},
+		{"RSET", 250},
+		{"AUTH LOGIN", 334}, // Test with empty user/pass.
+		{"", 334},
+		{"", 235},
 	}
 	if err := playSession(t, server, script); err != nil {
 		t.Error(err)