handle scram errors more gracefully, not aborting the connection

for some errors during the scram authentication protocol, we would treat some errors that a client connection could induce as server errors, printing a stack trace and aborting the connection. this change recognizes those errors and sends regular "authentication failed" or "protocol error" error messages to the client. for issue #222 by wneessen, thanks for reporting
2025-07-13 07:34:37 +03:00 · 2024-10-03 15:18:09 +02:00
parent b0c4b09010
commit c7315cb72d
4 changed files with 25 additions and 9 deletions
--- a/metrics/auth.go
+++ b/metrics/auth.go
@ -16,7 +16,7 @@ var (
 			"kind",    // submission, imap, webmail, webapi, webaccount, webadmin (formerly httpaccount, httpadmin)
 			"variant", // login, plain, scram-sha-256, scram-sha-1, cram-md5, weblogin, websessionuse, httpbasic.
 			// todo: we currently only use badcreds, but known baduser can be helpful
-			"result", // ok, baduser, badpassword, badcreds, error, aborted
+			"result", // ok, baduser, badpassword, badcreds, badchanbind, error, aborted
 		},
 	)