+ } else if (c.startsWith("STARTTLS")) {
+ conn.println("220 starting TLS...");
+ conn.flush();
+ conn = conn.negotiateSSL(true);
+ from = null; to = new Vector();
+ } else if (c.startsWith("AUTH")) {
+ if (authenticatedAs != null) {
+ conn.println("503 you are already authenticated; you must reconnect to reauth");
+ } else {
+ String mechanism = command.substring(4).trim();
+ String rest = "";
+ if (mechanism.indexOf(' ')!=-1) {
+ rest = mechanism.substring(mechanism.indexOf(' ')+1).trim();
+ mechanism = mechanism.substring(0, mechanism.indexOf(' '));
+ }
+ if (mechanism.equals("PLAIN")) {
+ // 538 Encryption required for requested authentication mechanism?
+ byte[] bytes = Encode.fromBase64(rest);
+ String authenticateUser = null;
+ String authorizeUser = null;
+ String password = null;
+ int start = 0;
+ for(int i=0; i<=bytes.length; i++) {
+ if (i<bytes.length && bytes[i]!=0) continue;
+ String result = new String(bytes, start, i-start, "UTF-8");
+ if (authenticateUser==null) authenticateUser = result;
+ else if (authorizeUser==null) authorizeUser = result;
+ else if (password==null) password = result;
+ start = i+1;
+ }
+ // FIXME: be smarter here
+ if (Main.auth.login(authorizeUser, password)!=null)
+ authenticatedAs = authenticateUser;
+ conn.println("235 Authentication successful");
+ /*
+ } else if (mechanism.equals("CRAM-MD5")) {
+ String challenge = ;
+ conn.println("334 "+challenge);
+ String resp = conn.readln();
+ if (resp.equals("*")) {
+ conn.println("501 client requested AUTH cancellation");
+ }
+ } else if (mechanism.equals("ANONYMOUS")) {
+ } else if (mechanism.equals("EXTERNAL")) {
+ } else if (mechanism.equals("DIGEST-MD5")) {
+ */
+ } else {
+ conn.println("504 unrecognized authentication type");
+ }
+ // on success, reset to initial state; client will EHLO again
+ from = null; to = new Vector();
+ }