Changes by Barry A. Warsaw ba...@python.org:
--
assignee: - barry
status: open - closed
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15014
___
Roundup Robot added the comment:
New changeset 97a29b86a2dc by Barry Warsaw in branch '3.5':
- Issue #15014: SMTP.auth() and SMTP.login() now support RFC 4954's optional
https://hg.python.org/cpython/rev/97a29b86a2dc
New changeset 2d9003d44694 by Barry Warsaw in branch 'default':
- Issue
R. David Murray added the comment:
Only one question, about a possible missing test. Otherwise this looks good to
me.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15014
___
Barry A. Warsaw added the comment:
Attached patch includes test, documentation, and implementation. While this is
technically a new feature, it fixes a regression in Python 3.5 w.r.t. 3.4.
I'll email python-dev with a request for beta exemption.
--
Added file:
Barry A. Warsaw added the comment:
On Jul 07, 2015, at 05:59 PM, R. David Murray wrote:
I don't see any need to add the is_initial_auth_ok flag. Either the auth
method returns something that is not None (initial auth is OK), or it doesn't
(initial auth is not OK).
I added this because
R. David Murray added the comment:
I don't see any need to add the is_initial_auth_ok flag. Either the auth
method returns something that is not None (initial auth is OK), or it doesn't
(initial auth is not OK).
Providing for that initial return value from the authobj is still a change to
R. David Murray added the comment:
OK, that makes sense. I'll try to give this a thorough review soon.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15014
___
Barry A. Warsaw added the comment:
I have a patch to support initial-response, which I'll be posting here after a
bit of clean up and a full (local) test run, with documentation. I ended up
adding a keyword argument `initial_response_ok=True` to .login() and .auth().
The reason for this is
Barry A. Warsaw added the comment:
Thanks!
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15014
___
___
Python-bugs-list mailing list
Changes by Larry Hastings la...@hastings.org:
--
priority: release blocker - normal
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15014
___
___
Barry A. Warsaw added the comment:
I believe this change broke RFC 4954's AUTH command when the optional
initial-response is expected. $4 The AUTH Command says:
AUTH mechanism [initial-response]
...
initial-response: An optional initial client response. If present,
this response
Barry A. Warsaw added the comment:
Here's a rough thought for a fix. Some auth_*() methods require a challenge,
but some don't, e.g. auth_plain(). Let's allow authobject() to be called with
challenge=None. If they allow an initial-response, then they can just return
the response bytes. If
Barry A. Warsaw added the comment:
Also, smtpd is not compatible with auth challenges because found_terminator()
doesn't know that the response its getting isn't a command but instead a
challenge response. So really we need another bug to track fixes to smtpd.py
to handle challenge
Roundup Robot added the comment:
New changeset 42917d774476 by R David Murray in branch 'default':
#15014: Add 'auth' command to implement auth mechanisms and use it in login.
http://hg.python.org/cpython/rev/42917d774476
--
nosy: +python-dev
___
R. David Murray added the comment:
Thanks, Milan.
I made some tweaks...mostly documentation and code style (your code style
wasn't wrong, I just have some slightly different preferences with regards to
line folding). I also eliminated the authobjects test method, since I didn't
see that it
R. David Murray added the comment:
Ah, you are right, I wasn't looking at the full context of the diff when I made
the comment about backward compatibility. So ignore that part :)
On the other hand, exposing perferred_auth on the class would be a simple API
for allowing auth extension (since
Milan Oberkirch added the comment:
Here comes the patch implementing your suggestions. Changing the API to make
adding new auth methods and still using login() would only require to make
preferred_auth accessable as you mentioned. Using custom authobjects is
possible with this patch.
R. David Murray added the comment:
I made some review comments.
Also, we need doc updates, including a what's new entry.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15014
___
Milan Oberkirch added the comment:
Done.
--
Added file: http://bugs.python.org/file35392/smtplib_auth.patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15014
___
Changes by Milan Oberkirch milan...@oberkirch.org:
--
nosy: +jesstess
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15014
___
___
Python-bugs-list
R. David Murray added the comment:
OK, I've finally had time to review this, sorry for the delay.
The impalib mechanism is tailored to how imap works (that's the whole thing
about continuation response. smtplib auth works a bit differently, and your
adaptation looks OK to me. The
Milan Oberkirch added the comment:
I looked into imaplib a bit to see how the problem is solved there; what I
observed:
- login() does 'PLAIN' only (and does not use authobj but smtplib would)
- there exists an extra function login_cram_md5() for 'CRAM-MD5'
So I guess the right way to do it
R. David Murray added the comment:
Ah, I was going on imperfect memory of how imaplib worked without looking it
up. And I won't have time to do so today probably.
Probably we should decide on the exact API before you implement anything.
--
___
Milan Oberkirch added the comment:
Maybe I am a bit hyperactive, but I already was at it when receiving your
message, so I finished it. Anyhow most of what I have done is completely
independent of the API chosen. What I did:
1. I implemented a new authenticate(self, mechanism, authobject) as
R. David Murray added the comment:
OK, that makes sense to me. I'll take a look at it as soon as I can.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15014
___
Milan Oberkirch added the comment:
I implemented one approach to solve this by writing new member functions for
each method (see the patch attached). Bonus: It does not change the usage of
login() in any way (which uses the new functions internally).
Another option would be to make those
R. David Murray added the comment:
There is a lot of repeated code in those methods, which becomes a maintenance
burden. That is one reason the imaplib authobj approach seems interesting to
me. Also, going the authobj route would mean imaplib and smptlib had a
consistent interface for this,
R. David Murray added the comment:
Oh, sorry. I meant to start out that message by saying, thanks for the patch.
Your idea is indeed interesting from the standpoint of not needing to change
the rest of the API, butand then the rest of my message.
In other words, I appreciate your work
Changes by Catalin Iacob iacobcata...@gmail.com:
--
nosy: +catalin.iacob
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15014
___
___
R. David Murray rdmur...@bitdance.com added the comment:
Yes, this is a need I also ran into, but hadn't gotten around to submitting a
bug for. If we are going to do this, though, I think we should do it right and
add the ability to support arbitrary login methods. An example of one way to
Changes by R. David Murray rdmur...@bitdance.com:
--
components: +email
nosy: +barry
stage: - needs patch
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue15014
___
31 matches
Mail list logo
