[Patches] [ python-Patches-552605 ] Fix broken smtplib.login()

noreply@sourceforge.net noreply@sourceforge.net
Mon, 07 Oct 2002 15:28:01 -0700 

Patches item #552605, was opened at 2002-05-05 20:23
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=305470&aid=552605&group_id=5470

Category: Library (Lib)
Group: Python 2.2.x
Status: Open
Resolution: None
Priority: 5
Submitted By: Andrew Rucker Jones (arjones)
Assigned to: Barry A. Warsaw (bwarsaw)
Summary: Fix broken smtplib.login()

Initial Comment:
RFC 2554 explicitly states that all base64 data in SMTP
AUTH challenges and responses can be of arbitrary
length, but the base64 module adds a newline after 57
bytes of binary data that it has converted to ascii.
This is not accounted for in smtplib.login(), leading
to extraneous newline characters in the middle of long
responses that do weird things to the SMTP session. The
patch is for smtplib.py already patched with the patch
from SourceForge patch ID 552060 and fixes this problem.

----------------------------------------------------------------------

Comment By: Gerhard Häring (ghaering)
Date: 2002-10-08 00:28

Message:
Logged In: YES 
user_id=163326

The patch addressed a problem, but the proposed fix was
WRONG. Just as wrong as my original SMTP auth code, though
(using [:-1] to remove the newlines from base64.encode,
which is WRONG because there might be multiple newlines in
there).

In my now committed there was a correct solution using
email.base64MIME.encode resp. a workaround for Python 2.2.

So I'd propose to close this as 'Fixed'.

----------------------------------------------------------------------

Comment By: Martin v. Löwis (loewis)
Date: 2002-10-07 23:30

Message:
Logged In: YES 
user_id=21627

Now that the AUTH=LOGIN patch is committed, can 
somebody explain what needs to be done with this patch?

----------------------------------------------------------------------

Comment By: Andrew Rucker Jones (arjones)
Date: 2002-07-17 20:40

Message:
Logged In: YES 
user_id=236100

Not that my opinion matters much, but i'm all for ghaering's
solution.

----------------------------------------------------------------------

Comment By: Gerhard Häring (ghaering)
Date: 2002-06-30 23:20

Message:
Logged In: YES 
user_id=163326

I'd suggest to apply this simple patch for the 2.2
maintenance line and use email.base64MIME.encode in the CVS
version. This way we could move on without having to keep
this patch in the queue.

----------------------------------------------------------------------

Comment By: Barry A. Warsaw (bwarsaw)
Date: 2002-06-30 17:58

Message:
Logged In: YES 
user_id=12800

We should probably be using the email.base64MIME package
instead of base64.  The former is more RFC compliant for
email and related functions.  

email.base64MIME.encode(s, eol='') will eliminate the
newlines.  However base64MIME is only present in Python 2.3
cvs.  It may be backported to Python 2.2.2, but I'm not sure
about that yet.

----------------------------------------------------------------------

Comment By: Gerhard Häring (ghaering)
Date: 2002-06-21 12:42

Message:
Logged In: YES 
user_id=163326

Good spot!

I've incorporated this patch into my AUTH=LOGIN support with
patch #572031.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=305470&aid=552605&group_id=5470