Bazaar

Wrong behavior of SMTP authentication during post commit email

Bug #372800 reported by Amit Saha
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Bazaar
Invalid
Medium
Amit Saha

Bug Description

When the password is not specified in 'bazaar.conf'), SMTP authentication on post commit email hook fails (the password is not asked for) when the SMTP port number is given in only 'bazaar.conf' and not 'authentication.conf' along with the SMTP server (like server:port). When the port number is given in both, or removed from both, it works fine.

This happens even when the remote SMTP port is the default.

How to reproduce:

1. Start with a 'bazaar.conf' without smtp_user and smtp_password. For eg:

<code>

 [DEFAULT]
  email = Amit Saha <email address hidden>
  post_commit_mailer=smtplib
  smtp_server=mail-foo.com:25

</code>

2. In the 'authentication.conf' , you may or may not fill in the password field. For eg.

<code>
[mymail]
scheme=smtp
host=mail-foo.com
user=Amit

</code>

3. Give the port number in only the bazaar.conf files along with the SMTP server address, like 'mail.com:52'

(You will need to have a post-commit email hook installed)

Doing a commit will throw up: "bzr: ERROR: SMTP error: 530 5.7.0 No AUTH command has been given" during the email sending stage.

See original description
Amit Saha (amitksaha)
description: updated
Revision history for this message
Vincent Ladeuil (vila) wrote :

This is related to the smtplib library, used by bzrlib/smtp_connection.py. The smtp_server is allowed to ends with ':<port' to simplify library usage.

This conflicts with AuthenticationConfig.get_user()/get_password() that requires the port to be specified explicitly.

Changed in bzr:
status: New → Confirmed
Revision history for this message
Amit Saha (amitksaha) wrote :

RFC:

Instead of AuthenticationConfig.get_user()/get_password() taking port as a explicit parameter, it can be made a part of the host itself. This will require modifications in AuthenticationConfi.get_user()/get_pass() and AuthenticationConfig.get_credentials(), I guess. The host name itself could be parsed for the port number if specified, else the default will be taken. I also think it will affect just the two files - config.py and smtp_authentication.py.

Revision history for this message
Vincent Ladeuil (vila) wrote :

I think imposing extracting an optional port to AuthenticationConfig is not the right approach, trying to handle the default port ourself is not either, we tried that and fail (see bug #150860).

The simplest approach seems to be to extract the port in smtp_connection.py just before calling auth.get_user() (auth.get_password() can reuse that).

The relevant tests are in bzrlib/tests/test_smtp_connection.py and that's where you could add a test that reproduce the bug. You can then fix the code and the test will prove that your fix is correct.

Revision history for this message
Amit Saha (amitksaha) wrote :

I am working on this bug.

Changed in bzr:
assignee: nobody → Cornucopic (cornucopic)
status: Confirmed → In Progress
Amit Saha (amitksaha)
description: updated
summary: - Wrong behavior of SMTP authentication when port is specified
+ Wrong behavior of SMTP authentication on during post commit email
summary: - Wrong behavior of SMTP authentication on during post commit email
+ Wrong behavior of SMTP authentication during post commit email
Amit Saha (amitksaha)
description: updated
Amit Saha (amitksaha)
description: updated
Amit Saha (amitksaha)
description: updated
Revision history for this message
Martin Pool (mbp) wrote :

How's it going? Do you want someone to review your patch?

Changed in bzr:
importance: Undecided → Medium
Revision history for this message
Vincent Ladeuil (vila) wrote :

I'm pretty sure this bug has stalled because we fixed it differently. There may be another bug pending about emitting a warning if the port is specified in authentication.conf though, but I can't find it at the moment.

Feel free to re-open if I'm wrong.

Changed in bzr:
status: In Progress → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.