chore(GODT-2799): Separate account states for SMTP Backend

Rather than accessing the Bridge user list, each user register their
individual SMTP service with the server manager.

Note that some dependencies on the user data are hidden behind the
`UserInterface`. These will be removed in a future patch.

internal/bridge/identifier.go

@@ -40,3 +40,11 @@ func (bridge *Bridge) setUserAgent(name, version string) {
 		}
 	}
 }
+
+type bridgeUserAgentUpdater struct {
+	*Bridge
+}
+
+func (b *bridgeUserAgentUpdater) SetUserAgent(name, version string) {
+	b.setUserAgent(name, version)
+}

internal/bridge/imap.go

@@ -50,6 +50,16 @@ func (bridge *Bridge) addIMAPUser(ctx context.Context, user *user.User) error {
 	return bridge.serverManager.AddIMAPUser(ctx, user)
 }
 
+// addSMTPUser connects the given user to gluon.
+func (bridge *Bridge) addSMTPUser(ctx context.Context, user *user.User) error {
+	return bridge.serverManager.AddSMTPAccount(ctx, user.GetSMTPService())
+}
+
+// removeSMTPUser connects the given user to gluon.
+func (bridge *Bridge) removeSMTPUser(ctx context.Context, user *user.User) error {
+	return bridge.serverManager.RemoveSMTPAccount(ctx, user.GetSMTPService())
+}
+
 // removeIMAPUser disconnects the given user from gluon, optionally also removing its files.
 func (bridge *Bridge) removeIMAPUser(ctx context.Context, user *user.User, withData bool) error {
 	return bridge.serverManager.RemoveIMAPUser(ctx, user, withData)

internal/bridge/server_manager.go

@@ -28,6 +28,7 @@ import (
 	"github.com/ProtonMail/gluon/logging"
 	"github.com/ProtonMail/proton-bridge/v3/internal/events"
 	"github.com/ProtonMail/proton-bridge/v3/internal/safe"
+	bridgesmtp "github.com/ProtonMail/proton-bridge/v3/internal/services/smtp"
 	"github.com/ProtonMail/proton-bridge/v3/internal/user"
 	"github.com/ProtonMail/proton-bridge/v3/pkg/cpc"
 	"github.com/emersion/go-smtp"
@@ -43,13 +44,15 @@ type ServerManager struct {
 
 	smtpServer   *smtp.Server
 	smtpListener net.Listener
+	smtpAccounts *bridgesmtp.Accounts
 
 	loadedUserCount int
 }
 
 func newServerManager() *ServerManager {
 	return &ServerManager{
-		requests: cpc.NewCPC(),
+		requests:     cpc.NewCPC(),
+		smtpAccounts: bridgesmtp.NewAccounts(),
 	}
 }
 
@@ -59,7 +62,7 @@ func (sm *ServerManager) Init(bridge *Bridge) error {
 		return err
 	}
 
-	smtpServer := createSMTPServer(bridge)
+	smtpServer := createSMTPServer(bridge, sm.smtpAccounts)
 
 	sm.imapServer = imapServer
 	sm.smtpServer = smtpServer
@@ -134,6 +137,18 @@ func (sm *ServerManager) RemoveGluonUser(ctx context.Context, gluonID string) er
 	return err
 }
 
+func (sm *ServerManager) AddSMTPAccount(ctx context.Context, service *bridgesmtp.Service) error {
+	_, err := sm.requests.Send(ctx, &smRequestAddSMTPAccount{account: service})
+
+	return err
+}
+
+func (sm *ServerManager) RemoveSMTPAccount(ctx context.Context, service *bridgesmtp.Service) error {
+	_, err := sm.requests.Send(ctx, &smRequestRemoveSMTPAccount{account: service})
+
+	return err
+}
+
 func (sm *ServerManager) run(ctx context.Context, bridge *Bridge) {
 	eventCh, cancel := bridge.GetEvents()
 	defer cancel()
@@ -206,6 +221,16 @@ func (sm *ServerManager) run(ctx context.Context, bridge *Bridge) {
 			case *smRequestRemoveGluonUser:
 				err := sm.handleRemoveGluonUser(ctx, r.userID)
 				request.Reply(ctx, nil, err)
+
+			case *smRequestAddSMTPAccount:
+				logrus.WithField("user", r.account.UserID()).Debug("Adding SMTP Account")
+				sm.smtpAccounts.AddAccount(r.account)
+				request.Reply(ctx, nil, nil)
+
+			case *smRequestRemoveSMTPAccount:
+				logrus.WithField("user", r.account.UserID()).Debug("Removing SMTP Account")
+				sm.smtpAccounts.RemoveAccount(r.account)
+				request.Reply(ctx, nil, nil)
 			}
 		}
 	}
@@ -386,8 +411,8 @@ func createIMAPServer(bridge *Bridge) (*gluon.Server, error) {
 	)
 }
 
-func createSMTPServer(bridge *Bridge) *smtp.Server {
-	return newSMTPServer(bridge, bridge.tlsConfig, bridge.logSMTP)
+func createSMTPServer(bridge *Bridge, accounts *bridgesmtp.Accounts) *smtp.Server {
+	return newSMTPServer(bridge, accounts, bridge.tlsConfig, bridge.logSMTP)
 }
 
 func (sm *ServerManager) closeSMTPServer(bridge *Bridge) error {
@@ -473,7 +498,7 @@ func (sm *ServerManager) restartSMTP(bridge *Bridge) error {
 
 	bridge.publish(events.SMTPServerStopped{})
 
-	sm.smtpServer = newSMTPServer(bridge, bridge.tlsConfig, bridge.logSMTP)
+	sm.smtpServer = newSMTPServer(bridge, sm.smtpAccounts, bridge.tlsConfig, bridge.logSMTP)
 
 	if sm.shouldStartServers() {
 		return sm.serveSMTP(bridge)
@@ -694,3 +719,11 @@ type smRequestAddGluonUser struct {
 type smRequestRemoveGluonUser struct {
 	userID string
 }
+
+type smRequestAddSMTPAccount struct {
+	account *bridgesmtp.Service
+}
+
+type smRequestRemoveSMTPAccount struct {
+	account *bridgesmtp.Service
+}

internal/bridge/smtp.go

@@ -23,6 +23,7 @@ import (
 
 	"github.com/ProtonMail/proton-bridge/v3/internal/constants"
 	"github.com/ProtonMail/proton-bridge/v3/internal/logging"
+	bridgesmtp "github.com/ProtonMail/proton-bridge/v3/internal/services/smtp"
 	"github.com/emersion/go-sasl"
 	"github.com/emersion/go-smtp"
 	"github.com/sirupsen/logrus"
@@ -32,10 +33,10 @@ func (bridge *Bridge) restartSMTP(ctx context.Context) error {
 	return bridge.serverManager.RestartSMTP(ctx)
 }
 
-func newSMTPServer(bridge *Bridge, tlsConfig *tls.Config, logSMTP bool) *smtp.Server {
+func newSMTPServer(bridge *Bridge, accounts *bridgesmtp.Accounts, tlsConfig *tls.Config, logSMTP bool) *smtp.Server {
 	logrus.WithField("logSMTP", logSMTP).Info("Creating SMTP server")
 
-	smtpServer := smtp.NewServer(&smtpBackend{Bridge: bridge})
+	smtpServer := smtp.NewServer(&smtpBackend{bridge: bridge, accounts: accounts})
 
 	smtpServer.TLSConfig = tlsConfig
 	smtpServer.Domain = constants.Host

internal/bridge/smtp_backend.go

@@ -19,22 +19,25 @@ package bridge
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"io"
 	"strings"
 
-	"github.com/ProtonMail/proton-bridge/v3/internal/safe"
+	smtpservice "github.com/ProtonMail/proton-bridge/v3/internal/services/smtp"
 	"github.com/ProtonMail/proton-bridge/v3/internal/useragent"
 	"github.com/emersion/go-smtp"
 	"github.com/sirupsen/logrus"
 )
 
 type smtpBackend struct {
-	*Bridge
+	accounts  *smtpservice.Accounts
+	userAgent UserAgentUpdater
 }
 
 type smtpSession struct {
-	*Bridge
+	accounts  *smtpservice.Accounts
+	userAgent UserAgentUpdater
 
 	userID string
 	authID string
@@ -44,44 +47,31 @@ type smtpSession struct {
 }
 
 func (be *smtpBackend) NewSession(*smtp.Conn) (smtp.Session, error) {
-	return &smtpSession{Bridge: be.Bridge}, nil
+	return &smtpSession{accounts: be.accounts, userAgent: be.userAgent}, nil
 }
 
 func (s *smtpSession) AuthPlain(username, password string) error {
-	return safe.RLockRet(func() error {
-		for _, user := range s.users {
-			addrID, err := user.CheckAuth(username, []byte(password))
-			if err != nil {
-				continue
-			}
-
-			s.userID = user.ID()
-			s.authID = addrID
-
-			if strings.Contains(s.Bridge.GetCurrentUserAgent(), useragent.DefaultUserAgent) {
-				s.Bridge.setUserAgent(useragent.UnknownClient, useragent.DefaultVersion)
-			}
-
-			user.SendConfigStatusSuccess(context.Background())
-
-			return nil
+	userID, authID, err := s.accounts.CheckAuth(username, []byte(password))
+	if err != nil {
+		if !errors.Is(err, smtpservice.ErrNoSuchUser) {
+			return fmt.Errorf("unknown error")
 		}
-
 		logrus.WithFields(logrus.Fields{
 			"username": username,
 			"pkg":      "smtp",
 		}).Error("Incorrect login credentials.")
-		err := fmt.Errorf("invalid username or password")
-		for _, user := range s.users {
-			for _, mail := range user.Emails() {
-				if mail == username {
-					user.ReportConfigStatusFailure(err.Error())
-					return err
-				}
-			}
-		}
-		return err
-	}, s.usersLock)
+
+		return fmt.Errorf("invalid username or password")
+	}
+
+	s.userID = userID
+	s.authID = authID
+
+	if strings.Contains(s.userAgent.GetUserAgent(), useragent.DefaultUserAgent) {
+		s.userAgent.SetUserAgent(useragent.UnknownClient, useragent.DefaultVersion)
+	}
+
+	return nil
 }
 
 func (s *smtpSession) Reset() {
@@ -108,14 +98,7 @@ func (s *smtpSession) Rcpt(to string) error {
 }
 
 func (s *smtpSession) Data(r io.Reader) error {
-	err := safe.RLockRet(func() error {
-		user, ok := s.users[s.userID]
-		if !ok {
-			return ErrNoSuchUser
-		}
-
-		return user.SendMail(s.authID, s.from, s.to, r)
-	}, s.usersLock)
+	err := s.accounts.SendMail(context.Background(), s.userID, s.authID, s.from, s.to, r)
 
 	if err != nil {
 		logrus.WithField("pkg", "smtp").WithError(err).Error("Send mail failed.")

internal/bridge/types.go

@@ -43,6 +43,11 @@ type Identifier interface {
 	GetClientString() string
 }
 
+type UserAgentUpdater interface {
+	Identifier
+	SetUserAgent(name, version string)
+}
+
 type ProxyController interface {
 	AllowProxy()
 	DisallowProxy()

internal/bridge/user.go

@@ -545,6 +545,10 @@ func (bridge *Bridge) addUserWithVault(
 		return fmt.Errorf("failed to add IMAP user: %w", err)
 	}
 
+	if err := bridge.addSMTPUser(ctx, user); err != nil {
+		return fmt.Errorf("failed to add SMTP user: %w", err)
+	}
+
 	// Handle events coming from the user before forwarding them to the bridge.
 	// For example, if the user's addresses change, we need to update them in gluon.
 	bridge.tasks.Once(func(ctx context.Context) {
@@ -613,6 +617,10 @@ func (bridge *Bridge) logoutUser(ctx context.Context, user *user.User, withAPI,
 		logrus.WithError(err).Error("Failed to remove IMAP user")
 	}
 
+	if err := bridge.removeSMTPUser(ctx, user); err != nil {
+		logrus.WithError(err).Error("Failed to remove SMTP user")
+	}
+
 	if err := user.Logout(ctx, withAPI); err != nil {
 		logrus.WithError(err).Error("Failed to logout user")
 	}

internal/services/smtp/accounts.go

@@ -0,0 +1,86 @@
+// Copyright (c) 2023 Proton AG
+//
+// This file is part of Proton Mail Bridge.
+//
+// Proton Mail Bridge is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Proton Mail Bridge is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Proton Mail Bridge.  If not, see <https://www.gnu.org/licenses/>.
+
+package smtp
+
+import (
+	"context"
+	"io"
+	"sync"
+)
+
+type Accounts struct {
+	accountsLock sync.RWMutex
+	accounts     map[string]*Service
+}
+
+func NewAccounts() *Accounts {
+	return &Accounts{
+		accounts: make(map[string]*Service),
+	}
+}
+
+func (s *Accounts) AddAccount(account *Service) {
+	s.accountsLock.Lock()
+	defer s.accountsLock.Unlock()
+
+	s.accounts[account.UserID()] = account
+}
+
+func (s *Accounts) RemoveAccount(account *Service) {
+	s.accountsLock.Lock()
+	defer s.accountsLock.Unlock()
+
+	delete(s.accounts, account.UserID())
+}
+
+func (s *Accounts) CheckAuth(user string, password []byte) (string, string, error) {
+	s.accountsLock.RLock()
+	defer s.accountsLock.RUnlock()
+
+	for id, service := range s.accounts {
+		addrID, err := service.user.CheckAuth(user, password)
+		if err != nil {
+			continue
+		}
+
+		service.user.ReportSMTPAuthSuccess(context.Background())
+		return id, addrID, nil
+	}
+
+	for _, service := range s.accounts {
+		service.user.ReportSMTPAuthFailed(user)
+	}
+
+	return "", "", ErrNoSuchUser
+}
+
+func (s *Accounts) SendMail(ctx context.Context, userID, addrID, from string, to []string, r io.Reader) error {
+	if len(to) == 0 {
+		return ErrInvalidRecipient
+	}
+
+	s.accountsLock.RLock()
+	defer s.accountsLock.RUnlock()
+
+	service, ok := s.accounts[userID]
+	if !ok {
+		return ErrNoSuchUser
+	}
+
+	return service.SendMail(ctx, addrID, from, to, r)
+}

internal/services/smtp/errors.go

@@ -21,3 +21,4 @@ import "errors"
 
 var ErrInvalidRecipient = errors.New("invalid recipient")
 var ErrInvalidReturnPath = errors.New("invalid return path")
+var ErrNoSuchUser = errors.New("no such user")

internal/services/smtp/service.go

@@ -19,6 +19,7 @@ package smtp
 
 import (
 	"context"
+	"errors"
 	"io"
 
 	"github.com/ProtonMail/gluon/async"
@@ -34,7 +35,10 @@ import (
 // UserInterface is just wrapper to avoid recursive go module imports. To be removed when the identity service is ready.
 type UserInterface interface {
 	ID() string
+	CheckAuth(string, []byte) (string, error)
 	WithSMTPData(context.Context, func(context.Context, map[string]proton.Address, proton.User, *vault.User) error) error
+	ReportSMTPAuthSuccess(context.Context)
+	ReportSMTPAuthFailed(username string)
 }
 
 type Service struct {
@@ -91,6 +95,10 @@ func (s *Service) Start(group *async.Group) {
 	})
 }
 
+func (s *Service) UserID() string {
+	return s.user.ID()
+}
+
 func (s *Service) run(ctx context.Context) {
 	s.log.Debug("Starting service main loop")
 	defer s.log.Debug("Exiting service main loop")
@@ -128,5 +136,13 @@ type sendMailReq struct {
 
 func (s *Service) sendMail(ctx context.Context, req *sendMailReq) error {
 	defer async.HandlePanic(s.panicHandler)
-	return s.smtpSendMail(ctx, req.authID, req.from, req.to, req.r)
+	if err := s.smtpSendMail(ctx, req.authID, req.from, req.to, req.r); err != nil {
+		if apiErr := new(proton.APIError); errors.As(err, &apiErr) {
+			s.log.WithError(apiErr).WithField("Details", apiErr.DetailsToString()).Error("failed to send message")
+		}
+
+		return err
+	}
+
+	return nil
 }

internal/user/user.go

@@ -488,27 +488,6 @@ func (user *User) NewIMAPConnectors() (map[string]connector.Connector, error) {
 	}, user.apiAddrsLock)
 }
 
-// SendMail sends an email from the given address to the given recipients.
-func (user *User) SendMail(authID string, from string, to []string, r io.Reader) error {
-	if user.vault.SyncStatus().IsComplete() {
-		defer user.goPollAPIEvents(true)
-	}
-
-	if len(to) == 0 {
-		return smtp.ErrInvalidRecipient
-	}
-
-	if err := user.smtpService.SendMail(context.Background(), authID, from, to, r); err != nil {
-		if apiErr := new(proton.APIError); errors.As(err, &apiErr) {
-			logrus.WithError(apiErr).WithField("Details", apiErr.DetailsToString()).Error("failed to send message")
-		}
-
-		return err
-	}
-
-	return nil
-}
-
 // CheckAuth returns whether the given email and password can be used to authenticate over IMAP or SMTP with this user.
 // It returns the address ID of the authenticated address.
 func (user *User) CheckAuth(email string, password []byte) (string, error) {
@@ -680,6 +659,23 @@ func (user *User) WithSMTPData(ctx context.Context, op func(context.Context, map
 	}, user.apiUserLock, user.apiAddrsLock, user.eventLock)
 }
 
+func (user *User) ReportSMTPAuthFailed(username string) {
+	emails := user.Emails()
+	for _, mail := range emails {
+		if mail == username {
+			user.ReportConfigStatusFailure("invalid username or password")
+		}
+	}
+}
+
+func (user *User) ReportSMTPAuthSuccess(ctx context.Context) {
+	user.SendConfigStatusSuccess(ctx)
+}
+
+func (user *User) GetSMTPService() *smtp.Service {
+	return user.smtpService
+}
+
 // initUpdateCh initializes the user's update channels in the given address mode.
 // It is assumed that user.apiAddrs and user.updateCh are already locked.
 func (user *User) initUpdateCh(mode vault.AddressMode) {