Node.js Haraka没有授权我的身份验证

我正在Haraka构建一个需要tls认证的应用程序。我使用命令生成了.pem文件tls_cert.pem和tls_key.pem

openssl req -x509 -nodes -days 2190 -newkey rsa:1024 -keyout config/tls_key.pem -out config/tls_cert.pem

就像Haraka建议的那样，确保Common Name字段的内容与我的config/me文件的内容相同。在我的配置/插件中，我有

# default list of plugins

# Log to syslog (disabled by default, see docs)
#log.syslog

# block mails from known bad hosts (see config/dnsbl.zones for the DNS zones queried)
#dnsbl

# Check mail headers are valid
data.rfc5322_header_checks

# block mail from some known bad HELOs - see config/helo.checks.ini for configuration
#helo.checks

# control which "MAIL FROM" addresses you accept. See docs.
#mail_from.access

# Only accept mail where the MAIL FROM domain is resolvable to an MX record
#mail_from.is_resolvable

# Disconnect client if they spew bad SMTP commands at us
#max_unrecognized_commands

# control which "RCPT TO" addresses you reject. See docs.
#rcpt_to.access

# Only accept mail for your personal list of hosts. Edit config/host_list
# NOTE: THIS IS REQUIRED for inbound email.
rcpt_to.in_host_list

# Queue mail via smtp - see config/smtp_forward.ini for where your mail goes
#queue/smtp_forward

##### Custom Plugins ####
javascript/fooBar
tls

javascript/fooBar是一个自定义插件，我用coffeescript编写并编译成js文件，这意味着它映射到plugins/javascript/Mx25OutBoundActions.js

以下是plugins/javascript/fooBar.js的内容

(function() {
  var DataBase, Password, User, database;

  DataBase = require('./dataBase');

  database = new DataBase();

  User = null;

  Password = null;

  exports.hook_lookup_rdns = function(next, conn) {
    return next(OK, '');
  };

  exports.hook_connect = function(next, conn, params) {
    conn.remote_host = '';
    return next(CONT, "The MX25 SMTP API is now ready.");
  };

  exports.register = function() {
    this.loginfo('Test');
    return this.inherits('auth/auth_base');
  };

  exports.hook_capablities = function(next, conn) {
    var methods;
    this.loginfo('Hello');
    conn.capabilities.push('STARTTLS');
    conn.notes.tls_enabled = 1;
    if (conn.using_tls) {
      this.loginfo('Connection Secure');
      methods = ['PLAIN', 'LOGIN'];
      conn.capabilities.push("AUTH " + (methods.join(' ')));
      conn.notes.allowed_auth_methods = methods;
      return next();
    } else {
      this.loginfo('Connection not secure');
      return next(DENY, '5.7.1 Secure connection required');
    }
  };
  exports.get_plain_passwd = function(user, cb) {
    this.loginfo('*********');
    this.loginfo(user);
    this.loginfo('*********');
    return cb(user);
  };

  exports.check_plain_passwd = function(conn, user, passwd, cb) {
    this.loginfo("Hello!");
    database.query('SELECT * FROM domains', function(error, results) {
      var Password, User, flag, i, _i, _ref;
      if (error == null) {
        flag = 0;
        for (i = _i = 0, _ref = results.length; 0 <= _ref ? _i <= _ref : _i >= _ref; i = 0 <= _ref ? ++_i : --_i) {
          if (user === results[i].address && passwd === results[i].outbound_password) {
            flag = 1;
            break;
          }
        }
        if (flag === 1) {
          User = user;
          Password = passwd;
          return cb(true);
        } else {
          console.log('User not authenticated');
          return next(DENY, '5.7.1 Invalid authentication credentials provided');
        }
      } else {
        console.log("Error: ${error}.");
      }
    });
    return cb(true);
  };
});.call(this);

在另一个议会里，我从斯瓦克斯那里得到一个错误，他说

*** Host did not advertise authentication

Haraka的产量看起来像

[NOTICE] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] connect ip=::1 port=64243 local_ip=:: local_port=587
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running lookup_rdns hooks
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running lookup_rdns hook in javascript/fooBar plugin
[INFO] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] hook=lookup_rdns plugin=javascript/fooBar function=hook_lookup_rdns params="" retval=OK msg=""
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running connect hooks
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running connect hook in javascript/fooBar plugin
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] hook=connect plugin=javascript/fooBar function=hook_connect params="" retval=CONT msg="The MX25 SMTP API is now ready."
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 220 The MX25 SMTP API is now ready.
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] C: EHLO richardas-mac-mini.local state=1
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running ehlo hooks
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running capabilities hooks
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running capabilities hook in javascript/fooBar plugin
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] hook=capabilities plugin=javascript/fooBar function=hook_capabilities params="" retval=CONT msg=""
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running capabilities hook in tls plugin
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] hook=capabilities plugin=tls function=hook_capabilities params="" retval=CONT msg=""
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 250-outbound.mx25.net Hello [::1], Haraka is at your service.
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 250-PIPELINING
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 250-8BITMIME
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 250-SIZE 500000
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 250 STARTTLS
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] C: QUIT state=1
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running quit hooks
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 221 outbound.mx25.net closing connection. Have a jolly good day.
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running disconnect hooks
[NOTICE] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] disconnect ip=::1 rdns="" helo="richardas-mac-mini.local" relay=N early=N esmtp=Y tls=N pipe=N txns=0 rcpts=0/0/0 msgs=0/0/0 bytes=0 lr="" time=0.008

我在这里迷路了。我已经浏览了Haraka关于这个主题的所有文档，以及我找到的源代码和几个示例项目。为什么Haraka不授权我的身份验证

编辑

---

我有身份验证代码。我最初没有包括它，因为我认为它与错误无关。即使包含了它，Haraka输出也完全相同，函数第一行中的this.loginfo调用不会出现。Swaks产生的错误和输出也完全相同。还是在读了马特的之后，我把它包括进去了。为了再次检查这一点，我还尝试注释exports.check_plain_passwd中的所有代码，并在所有情况下返回cb（true）。没有什么变化。我得到了相同的输出和相同的错误。

看起来您正在尝试添加身份验证而不是TLS-为此，您需要一个身份验证插件，如auth/flat\u file。同样根据TLS文档，它应该首先列在config/plugins文件中（其次是auth/flat_文件）-插件顺序问题-它决定运行的顺序，并且您希望TLS是第一件发生的事情

---

这里有关于auth_flat_文件的文档：

您想尝试的第一件事是在调用

swaks

时使用

-tls

。在服务器日志中，我看到它播发STARTTLS（而不播发AUTH），但客户机立即退出而不是协商TLS。如果真的有问题，这就是向您隐藏。

我有获取和检查用户和密码的代码。我只是没有把它包括在内，因为我认为它与这个问题无关。这篇我的原创文章已经编辑过了，包含了代码。啊，我明白了。我想知道这是否是您将代码包装在函数块中的方式。不要担心在哈拉卡的范围-这是为你处理的。好的，我必须再考虑一下。您的钩子显然正在运行，但是您的登录钩子功能没有出现在日志中。上述代码的日志是否也已过期？此外，我认为您无法在功能挂钩中检查是否使用了\u tls，因为tls升级在第一次进行时还没有发生。

[NOTICE] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] connect ip=::1 port=64243 local_ip=:: local_port=587
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running lookup_rdns hooks
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running lookup_rdns hook in javascript/fooBar plugin
[INFO] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] hook=lookup_rdns plugin=javascript/fooBar function=hook_lookup_rdns params="" retval=OK msg=""
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running connect hooks
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running connect hook in javascript/fooBar plugin
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] hook=connect plugin=javascript/fooBar function=hook_connect params="" retval=CONT msg="The MX25 SMTP API is now ready."
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 220 The MX25 SMTP API is now ready.
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] C: EHLO richardas-mac-mini.local state=1
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running ehlo hooks
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running capabilities hooks
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running capabilities hook in javascript/fooBar plugin
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] hook=capabilities plugin=javascript/fooBar function=hook_capabilities params="" retval=CONT msg=""
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running capabilities hook in tls plugin
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] hook=capabilities plugin=tls function=hook_capabilities params="" retval=CONT msg=""
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 250-outbound.mx25.net Hello [::1], Haraka is at your service.
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 250-PIPELINING
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 250-8BITMIME
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 250-SIZE 500000
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 250 STARTTLS
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] C: QUIT state=1
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running quit hooks
[PROTOCOL] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] S: 221 outbound.mx25.net closing connection. Have a jolly good day.
[DEBUG] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] running disconnect hooks
[NOTICE] [3D27FD1C-B94A-4271-84EB-460B32598491] [core] disconnect ip=::1 rdns="" helo="richardas-mac-mini.local" relay=N early=N esmtp=Y tls=N pipe=N txns=0 rcpts=0/0/0 msgs=0/0/0 bytes=0 lr="" time=0.008