From e0608e79b6251ea2528cf0242affb8b9e2d5ab22 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Mon, 11 Jan 2021 11:49:20 +0100
Subject: [PATCH] Fail SMTP auth if credentials are configured but all
 mechanisms fail

---
 .../email/transport/SmtpEmailTransport.class.php    | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/wcfsetup/install/files/lib/system/email/transport/SmtpEmailTransport.class.php b/wcfsetup/install/files/lib/system/email/transport/SmtpEmailTransport.class.php
index 99b01f8dda..54e9d6202d 100644
--- a/wcfsetup/install/files/lib/system/email/transport/SmtpEmailTransport.class.php
+++ b/wcfsetup/install/files/lib/system/email/transport/SmtpEmailTransport.class.php
@@ -303,11 +303,12 @@ class SmtpEmailTransport implements IEmailTransport {
 	protected function auth() {
 		if (!$this->username || !$this->password) return;
 		
+		$authException = null;
 		foreach ($this->features as $feature) {
 			$parameters = explode(" ", $feature);
 			
 			if ($parameters[0] == 'auth') {
-				// try mechanisms in order of preference
+				// Try mechanisms in order of preference.
 				foreach (['login', 'plain'] as $method) {
 					if (in_array($method, $parameters)) {
 						switch ($method) {
@@ -317,6 +318,7 @@ class SmtpEmailTransport implements IEmailTransport {
 									$this->read([334]);
 								}
 								catch (SystemException $e) {
+									$authException = $e;
 									// try next authentication method
 									continue 2;
 								}
@@ -326,6 +328,8 @@ class SmtpEmailTransport implements IEmailTransport {
 								$this->write(base64_encode($this->password));
 								$this->lastWrite = '*redacted*';
 								$this->read([235]);
+								
+								// Authentication was successful.
 								return;
 							break;
 							case 'plain':
@@ -335,22 +339,27 @@ class SmtpEmailTransport implements IEmailTransport {
 									$this->read([334]);
 								}
 								catch (SystemException $e) {
+									$authException = $e;
 									// try next authentication method
 									continue 2;
 								}
 								$this->write(base64_encode("\0".$this->username."\0".$this->password));
 								$this->lastWrite = '*redacted*';
 								$this->read([235]);
+								
+								// Authentication was successful.
 								return;
 						}
 					}
 				}
 				
-				return;
+				// No mechanism was accepted.
+				break;
 			}
 		}
 		
 		// server does not support auth
+		throw new TransientFailure("Remote SMTP server does not support AUTH, but SMTP credentials are specified.", 0, $authException);
 	}
 	
 	/**
-- 
2.20.1