* [PATCH] send-email: provide port separately from hostname
@ 2013-07-04 22:04 brian m. carlson
2013-07-04 22:42 ` Ramkumar Ramachandra
0 siblings, 1 reply; 3+ messages in thread
From: brian m. carlson @ 2013-07-04 22:04 UTC (permalink / raw)
To: git; +Cc: gitster, artagnon, krzysiek
From: "brian m. carlson" <sandals@crustytoothpaste.net>
If the SMTP port is provided as part of the hostname to Net::SMTP, it passes
the combined string to the SASL provider; this causes GSSAPI authentication to
fail since Kerberos does not want the port information. Instead, pass the port
as a separate argument as is done for SSL connections.
Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
---
git-send-email.perl | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/git-send-email.perl b/git-send-email.perl
index bd13cc8..ca86a13 100755
--- a/git-send-email.perl
+++ b/git-send-email.perl
@@ -1199,9 +1199,11 @@ X-Mailer: git-send-email $gitversion
else {
require Net::SMTP;
$smtp_domain ||= maildomain();
- $smtp ||= Net::SMTP->new(smtp_host_string(),
+ $smtp_server_port ||= 25;
+ $smtp ||= Net::SMTP->new($smtp_server,
Hello => $smtp_domain,
- Debug => $debug_net_smtp);
+ Debug => $debug_net_smtp,
+ Port => $smtp_server_port);
if ($smtp_encryption eq 'tls' && $smtp) {
require Net::SMTP::SSL;
$smtp->command('STARTTLS');
--
1.8.3.2.923.g2a18ff8.dirty
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] send-email: provide port separately from hostname
2013-07-04 22:04 [PATCH] send-email: provide port separately from hostname brian m. carlson
@ 2013-07-04 22:42 ` Ramkumar Ramachandra
2013-07-04 23:11 ` brian m. carlson
0 siblings, 1 reply; 3+ messages in thread
From: Ramkumar Ramachandra @ 2013-07-04 22:42 UTC (permalink / raw)
To: brian m. carlson; +Cc: git, gitster, krzysiek
brian m. carlson wrote:
> diff --git a/git-send-email.perl b/git-send-email.perl
> index bd13cc8..ca86a13 100755
> --- a/git-send-email.perl
> +++ b/git-send-email.perl
> @@ -1199,9 +1199,11 @@ X-Mailer: git-send-email $gitversion
> else {
> require Net::SMTP;
> $smtp_domain ||= maildomain();
> - $smtp ||= Net::SMTP->new(smtp_host_string(),
Hm, so the problem occurs when you give smtp_host_string() to
Net::SMTP->new() as the first argument.
> + $smtp_server_port ||= 25;
So if smtp_host_string() returns a hostname without a port, then
Net::SMTP->new() will connect to port 25 by default?
> If the SMTP port is provided as part of the hostname to Net::SMTP, it passes
> the combined string to the SASL provider; this causes GSSAPI authentication to
> fail since Kerberos does not want the port information. Instead, pass the port
> as a separate argument as is done for SSL connections.
I need to be in a (firewalled?) network that uses Kerberos to
reproduce this, right? Even if I can't reproduce it, the change seems
to be fine.
While we're on the subject, do you know how to get rid of this huge
ugly warning I get everytime I send emails?
*******************************************************************
Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
together with SSL_ca_file|SSL_ca_path for verification.
If you really don't want to verify the certificate and keep the
connection open to Man-In-The-Middle attacks please set
SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
*******************************************************************
at /home/artagnon/src/git/git-send-email line 1200.
Thanks.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] send-email: provide port separately from hostname
2013-07-04 22:42 ` Ramkumar Ramachandra
@ 2013-07-04 23:11 ` brian m. carlson
0 siblings, 0 replies; 3+ messages in thread
From: brian m. carlson @ 2013-07-04 23:11 UTC (permalink / raw)
To: Ramkumar Ramachandra; +Cc: git, gitster, krzysiek
[-- Attachment #1: Type: text/plain, Size: 2046 bytes --]
On Fri, Jul 05, 2013 at 04:12:19AM +0530, Ramkumar Ramachandra wrote:
> Hm, so the problem occurs when you give smtp_host_string() to
> Net::SMTP->new() as the first argument.
Yes. I created a test program, and Net::SMTP was fine as long as I used
Port, but failed when I included the port in the hostname string.
Arguably this is a bug in Net::SMTP.
> So if smtp_host_string() returns a hostname without a port, then
> Net::SMTP->new() will connect to port 25 by default?
Correct. Port 25 is the default for Net::SMTP, so there's no change in
behavior.
> I need to be in a (firewalled?) network that uses Kerberos to
> reproduce this, right? Even if I can't reproduce it, the change seems
> to be fine.
You need to have access to a mail server that will only relay when
authenticated, and only accepts GSSAPI. My personal server accepts
GSSAPI always and PLAIN only when TLS is enabled, so I just turned off
TLS temporarily to test.
As for Kerberos, yes, you'd need to have it set up to reproduce this.
> While we're on the subject, do you know how to get rid of this huge
> ugly warning I get everytime I send emails?
>
> *******************************************************************
> Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
> is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
> together with SSL_ca_file|SSL_ca_path for verification.
> If you really don't want to verify the certificate and keep the
> connection open to Man-In-The-Middle attacks please set
> SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
> *******************************************************************
> at /home/artagnon/src/git/git-send-email line 1200.
You need to explicitly specify an SSL_verify_mode argument to start_SSL.
--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2013-07-04 23:18 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-07-04 22:04 [PATCH] send-email: provide port separately from hostname brian m. carlson
2013-07-04 22:42 ` Ramkumar Ramachandra
2013-07-04 23:11 ` brian m. carlson
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).