notification with SMTP through SSL is not supported (fix included)

[info@…]

Sending mail notifications does not work with SSL SMTP server. Python hangs (so does not raise an Error) on source:/trunk/trac/notification.py@4316#L278​.

This could be fixed using the ssmtplib from ​http://aleph-null.tv/downloads/ssmtplib.py

The method 'beginSend' on source:/trunk/trac/notification.py@4316#L277.should​ be like:

def begin_send(self):
        if self._use_tls:
                self.server=ssmtplib.SMTP_SSL(self.smtp_server, self.smtp_port)
        else:
                self.server=ssmtplib.SMTP(self.smtp_server, self.smtp_port)
        if self.user_name:
                self.server.login(self.user_name, self.password)

[Emmanuel Blot]

Replying to info@illusoft.com:

Sending mail notifications does not work with SSL SMTP server.

True, this feature is not yet supported

The method 'beginSend' on source:/trunk/trac/notification.py@4316#L277.should​ be like:

I have some doubt about this patch: have you actually tested it with a TLS-enabled server? SMTP over SSL and SMTP+TLS are not the same beast:

1. Your patch is about initializing an encrypted SSL link then use it to transmit the SMTP stream. This is usually called smtps.
2. The actual implementation use STARTTLS: a clear (non-encrypted) link is initialized with a SMTP server, then the client and the server negociates and encrypts the transmission.

See ​http://sial.org/howto/openssl/tls-name for details

Applying this patch as-is would break regular support for STMP+STARTTLS. The code needs to be modified to support both encryption scheme.

Maybe a candidate for 0.11, with support for key and certificate files.

[Emmanuel Blot]

Replying to eblot:

I have some doubt about this patch: have you actually tested it with a TLS-enabled server?

I meant a server that supports STARTTLS, not TLS - sorry

[anonymous]

Replying to eblot:

Replying to eblot:

I have some doubt about this patch: have you actually tested it with a TLS-enabled server?

I meant a server that supports STARTTLS, not TLS - sorry

I tested it with a SMTP server which uses port 465. It's SMTP over SSL not TLS. I could be that it breaks support for STARTTLS, but I can not test this. Maybe an extra flag in trac.ini with use_ssl instead of use_tls?

[Emmanuel Blot]

Replying to anonymous:

I tested it with a SMTP server which uses port 465. It's SMTP over SSL not TLS. I could be that it breaks support for STARTTLS, but I can not test this. Maybe an extra flag in trac.ini with use_ssl instead of use_tls?

Yeah, we need to rework the notification options in the next release anyway. As SSL is mutually exclusive with (START)TLS, a single option would probably be a better choice.

[anonymous]

Replying to eblot:

Replying to anonymous:

I tested it with a SMTP server which uses port 465. It's SMTP over SSL not TLS. I could be that it breaks support for STARTTLS, but I can not test this. Maybe an extra flag in trac.ini with use_ssl instead of use_tls?

Yeah, we need to rework the notification options in the next release anyway. As SSL is mutually exclusive with (START)TLS, a single option would probably be a better choice.

Ok, a single option is better then. Thanks for your efforts!

[farhan@…]

Is this still planned on being included? Thanks.

[anonymous]

Replying to farhan@thebitguru.com:

Is this still planned on being included? Thanks.

It seems they do not plan to fix this until 0.11.1 :-) However it is easy to fix this yuorself. Download the ssmtplib.py to the same folder as notification.py located in. "self._use_tls" does not work for some reason, so just replace the method with the following:

def begin_send(self):
        self.server=ssmtplib.SMTP_SSL(self.smtp_server, self.smtp_port)
        if self.user_name:
                self.server.login(self.user_name, self.password)

And add this line to the top of file notification.py.

import ssmtplib

And enjoy while we are waiting for the official support of SSL and TLS :-)

[anonymous]

Replying to anonymous:

Download the ssmtplib.py to the same folder as notification.py located in.

Where do I download this ssmtplib.py from?

thanks.

[thebitguru]

You can download ssmtplib.py from ​http://www1.cs.columbia.edu/~db2501/

[farhan@…]

FYI, smtplib in python 2.6 has SMTP_SSL built-in. Ideally, we would use this, but, unfortunately, smtplib.SMTP_SSL has a bug until the upcoming release of 2.6 (2.6.3 I believe) (See ​http://bugs.python.org/issue4066 for details).

[Farhan Ahmad <farhan@…>]

Oh, one last thing, ssmtplib as-is has issues in python 2.6.

>>> import ssmtplib
>>> ssmtplib.SMTP_SSL('smtp.gmail.com', 465)
ssmtplib.py:116: DeprecationWarning: socket.ssl() is deprecated.  Use ssl.wrap_socket() instead.
  sslobj = socket.ssl(self.sock, self.keyfile, self.certfile)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "ssmtplib.py", line 79, in __init__
    smtplib.SMTP.__init__(self, host, port, local_hostname)
  File "/usr/lib/python2.6/smtplib.py", line 239, in __init__
    (code, msg) = self.connect(host, port)
  File "ssmtplib.py", line 131, in connect
    self.sock = smtplib.SSLFakeSocket(self.sock, sslobj)
AttributeError: 'module' object has no attribute 'SSLFakeSocket'
>>>

I have attached a diff of notification.py that works with python 2.6 (and only >2.6 because it uses the standard SMTP_SSL class).

[Farhan Ahmad <farhan@…>]

Diff of notification.py with python 2.6 SMTP_SSL support

[anonymous]

notification.py bu dosya nerde ?

[Christian Boos]

Replying to anonymous:

notification.py bu dosya nerde ?

If this was not SPAM, please restate in English. Thanks!

[Steffen Hoffmann]

Replying to cboos:

Replying to anonymous:

notification.py bu dosya nerde ?

If this was not SPAM, please restate in English. Thanks!

Not knowing a single bit of that language myself, but a quick research yields an exact hit in a Turkish forum, and querying dict.cc about these and similar terms in Turkish suggest

"notification.py - where is this file to be found."

[Steffen Hoffmann]

This issue has erroneously been reported for ​th:AnnouncerPlugin in ​th:#10484 as well.