yesBad/proton-bridge
1
0
Fork 0
forked from Silverfish/proton-bridge
Code Actions Activity

Other: Safer user types

Browse Source
This commit is contained in:
James Houlahan
2022-10-12 00:20:04 +02:00
parent 4dc32dc7f2
commit fd63611b41
35 changed files with 1253 additions and 771 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
internal/bridge/smtp_backend.go
View File

@ -1,13 +1,10 @@
package bridge
import (
"crypto/subtle"
"strings"
"sync"
"github.com/ProtonMail/proton-bridge/v2/internal/user"
"github.com/emersion/go-smtp"
"golang.org/x/exp/slices"
)
type smtpBackend struct {
@ -26,13 +23,12 @@ func (backend *smtpBackend) Login(state *smtp.ConnectionState, email, password s
defer backend.usersLock.RUnlock()
for _, user := range backend.users {
if subtle.ConstantTimeCompare(user.BridgePass(), []byte(password)) != 1 {
session, err := user.NewSMTPSession(email, []byte(password))
if err != nil {
continue
}
if email := strings.ToLower(email); slices.Contains(user.Emails(), email) {
return user.NewSMTPSession(email)
}
return session, nil
}
return nil, ErrNoSuchUser