Lift restrictions on authentication credentials in shadow/pam modules

With new authorization/authentication identities split, it is possible
to have non-email authentication identity while using email authorization
identity.

docs/man/maddy-auth.5.scd

@@ -16,7 +16,8 @@ Most likely, you are going to use these modules with 'auth' directive of IMAP
 sql module described in *maddy-storage*(5) can also be used as a authentication
 backend.
 
-The authorization identtity is the same as authorization identity.
+The authorization identity is required to be a valid RFC 5321 e-mail address.
+It is returned as the authorization identity.
 
 # External authentication module (extauth)
 
@@ -78,13 +79,6 @@ maddy should be built with libpam build tag to use this module without
 go get -tags 'libpam' ...
 ```
 
-By default, when checking with the PAM database, the username provided by
-client is expected to be a RFC 5321 e-mail address and the domain part and
-at-sign is removed. To disable that behavior and pass username as-is to
-libpam, set 'expect_address' to 'no'. Note that currently implemented storage
-backends require full e-mail address as an account name, so this is still not
-possible to use accounts with non-address names.
-
 The authorization identtity is the same as authorization identity.
 
 ```
@@ -126,10 +120,6 @@ chmod u+xs,g+x,o-x /usr/lib/maddy/maddy-pam-helper
 Implements authentication by reading /etc/shadow. Alternatively it can be
 configured to use helper binary like extauth does.
 
-When checking with the PAM database, the username provided by client is
-expected to be a RFC 5321 e-mail address and the domain part and at-sign is
-removed.
-
 The authorization identtity is the same as authorization identity.
 
 ```

internal/auth/pam/module.go

@@ -6,18 +6,16 @@ import (
  "os"
  "path/filepath"
 
- "github.com/foxcpp/maddy/internal/address"
  "github.com/foxcpp/maddy/internal/auth/external"
  "github.com/foxcpp/maddy/internal/config"
  "github.com/foxcpp/maddy/internal/log"
  "github.com/foxcpp/maddy/internal/module"
 )
 
 type Auth struct {
- instName string
- useHelper bool
- helperPath string
- expectAddress bool
+ instName string
+ useHelper bool
+ helperPath string
 
  Log log.Logger
 }
@@ -43,7 +41,6 @@ func (a *Auth) InstanceName() string {
 func (a *Auth) Init(cfg *config.Map) error {
  cfg.Bool("debug", true, false, &a.Log.Debug)
  cfg.Bool("use_helper", false, false, &a.useHelper)
- cfg.Bool("expect_address", false, false, &a.expectAddress)
  if _, err := cfg.Process(); err != nil {
  return err
  }
@@ -62,23 +59,12 @@ func (a *Auth) Init(cfg *config.Map) error {
 }
 
 func (a *Auth) AuthPlain(username, password string) ([]string, error) {
- var accountName string
- if a.expectAddress {
- var err error
- accountName, _, err = address.Split(username)
- if err != nil {
- return nil, err
- }
- } else {
- accountName = username
- }
-
  if a.useHelper {
- if err := external.AuthUsingHelper(a.helperPath, accountName, password); err != nil {
+ if err := external.AuthUsingHelper(a.helperPath, username, password); err != nil {
  return nil, err
  }
  }
- err := runPAMAuth(accountName, password)
+ err := runPAMAuth(username, password)
  if err != nil {
  return nil, err
  }

internal/auth/shadow/module.go

@@ -8,7 +8,6 @@ import (
  "os"
  "path/filepath"
 
- "github.com/foxcpp/maddy/internal/address"
  "github.com/foxcpp/maddy/internal/auth/external"
  "github.com/foxcpp/maddy/internal/config"
  "github.com/foxcpp/maddy/internal/log"
@@ -68,16 +67,11 @@ func (a *Auth) Init(cfg *config.Map) error {
 }
 
 func (a *Auth) AuthPlain(username, password string) ([]string, error) {
- accountName, _, err := address.Split(username)
- if err != nil {
- return nil, err
- }
-
  if a.useHelper {
- return []string{username}, external.AuthUsingHelper(a.helperPath, accountName, password)
+ return []string{username}, external.AuthUsingHelper(a.helperPath, username, password)
  }
 
- ent, err := Lookup(accountName)
+ ent, err := Lookup(username)
  if err != nil {
  return nil, err
  }