Edgewall Software
Modify

Opened 18 years ago

Last modified 9 years ago

#4931 new defect

notification with SMTP through SSL is not supported (fix included)

Reported by: info@… Owned by:
Priority: normal Milestone: next-major-releases
Component: notification Version: 0.10.3
Severity: normal Keywords: notification
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description

Sending mail notifications does not work with SSL SMTP server. Python hangs (so does not raise an Error) on source:/trunk/trac/notification.py@4316#L278.

This could be fixed using the ssmtplib from http://aleph-null.tv/downloads/ssmtplib.py

The method 'beginSend' on source:/trunk/trac/notification.py@4316#L277.should be like:

def begin_send(self):
        if self._use_tls:
                self.server=ssmtplib.SMTP_SSL(self.smtp_server, self.smtp_port)
        else:
                self.server=ssmtplib.SMTP(self.smtp_server, self.smtp_port)
        if self.user_name:
                self.server.login(self.user_name, self.password)

Attachments (1)

notification.py.diff (1.5 KB ) - added by Farhan Ahmad <farhan@…> 16 years ago.
Diff of notification.py with python 2.6 SMTP_SSL support

Download all attachments as: .zip

Change History (19)

in reply to:  description ; comment:1 by Emmanuel Blot, 18 years ago

Component: generalticket system
Keywords: notification added
Milestone: 0.10.40.11
Summary: notification with SMTP through SSL does not work (fix included)notification with SMTP through SSL is not supported (fix included)

Replying to info@illusoft.com:

Sending mail notifications does not work with SSL SMTP server.

True, this feature is not yet supported

The method 'beginSend' on source:/trunk/trac/notification.py@4316#L277.should be like:

I have some doubt about this patch: have you actually tested it with a TLS-enabled server? SMTP over SSL and SMTP+TLS are not the same beast:

  1. Your patch is about initializing an encrypted SSL link then use it to transmit the SMTP stream. This is usually called smtps.
  2. The actual implementation use STARTTLS: a clear (non-encrypted) link is initialized with a SMTP server, then the client and the server negociates and encrypts the transmission.

See http://sial.org/howto/openssl/tls-name for details

Applying this patch as-is would break regular support for STMP+STARTTLS. The code needs to be modified to support both encryption scheme.

Maybe a candidate for 0.11, with support for key and certificate files.

in reply to:  1 ; comment:2 by Emmanuel Blot, 18 years ago

Replying to eblot:

I have some doubt about this patch: have you actually tested it with a TLS-enabled server?

I meant a server that supports STARTTLS, not TLS - sorry

in reply to:  2 ; comment:3 by anonymous, 18 years ago

Replying to eblot:

Replying to eblot:

I have some doubt about this patch: have you actually tested it with a TLS-enabled server?

I meant a server that supports STARTTLS, not TLS - sorry

I tested it with a SMTP server which uses port 465. It's SMTP over SSL not TLS. I could be that it breaks support for STARTTLS, but I can not test this. Maybe an extra flag in trac.ini with use_ssl instead of use_tls?

in reply to:  3 ; comment:4 by Emmanuel Blot, 18 years ago

Replying to anonymous:

I tested it with a SMTP server which uses port 465. It's SMTP over SSL not TLS. I could be that it breaks support for STARTTLS, but I can not test this. Maybe an extra flag in trac.ini with use_ssl instead of use_tls?

Yeah, we need to rework the notification options in the next release anyway. As SSL is mutually exclusive with (START)TLS, a single option would probably be a better choice.

in reply to:  4 comment:5 by anonymous, 18 years ago

Replying to eblot:

Replying to anonymous:

I tested it with a SMTP server which uses port 465. It's SMTP over SSL not TLS. I could be that it breaks support for STARTTLS, but I can not test this. Maybe an extra flag in trac.ini with use_ssl instead of use_tls?

Yeah, we need to rework the notification options in the next release anyway. As SSL is mutually exclusive with (START)TLS, a single option would probably be a better choice.

Ok, a single option is better then. Thanks for your efforts!

comment:6 by farhan@…, 16 years ago

Is this still planned on being included? Thanks.

in reply to:  6 ; comment:7 by anonymous, 16 years ago

Replying to farhan@thebitguru.com:

Is this still planned on being included? Thanks.

It seems they do not plan to fix this until 0.11.1 :-) However it is easy to fix this yuorself. Download the ssmtplib.py to the same folder as notification.py located in. "self._use_tls" does not work for some reason, so just replace the method with the following:

def begin_send(self):
        self.server=ssmtplib.SMTP_SSL(self.smtp_server, self.smtp_port)
        if self.user_name:
                self.server.login(self.user_name, self.password)

And add this line to the top of file notification.py.

import ssmtplib

And enjoy while we are waiting for the official support of SSL and TLS :-)

in reply to:  7 comment:8 by anonymous, 16 years ago

Replying to anonymous:

Download the ssmtplib.py to the same folder as notification.py located in.

Where do I download this ssmtplib.py from?

thanks.

comment:9 by thebitguru, 16 years ago

You can download ssmtplib.py from http://www1.cs.columbia.edu/~db2501/

comment:10 by Christian Boos, 16 years ago

Milestone: 0.11-retriage0.13

comment:11 by farhan@…, 16 years ago

FYI, smtplib in python 2.6 has SMTP_SSL built-in. Ideally, we would use this, but, unfortunately, smtplib.SMTP_SSL has a bug until the upcoming release of 2.6 (2.6.3 I believe) (See http://bugs.python.org/issue4066 for details).

comment:12 by Farhan Ahmad <farhan@…>, 16 years ago

Oh, one last thing, ssmtplib as-is has issues in python 2.6.

>>> import ssmtplib
>>> ssmtplib.SMTP_SSL('smtp.gmail.com', 465)
ssmtplib.py:116: DeprecationWarning: socket.ssl() is deprecated.  Use ssl.wrap_socket() instead.
  sslobj = socket.ssl(self.sock, self.keyfile, self.certfile)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "ssmtplib.py", line 79, in __init__
    smtplib.SMTP.__init__(self, host, port, local_hostname)
  File "/usr/lib/python2.6/smtplib.py", line 239, in __init__
    (code, msg) = self.connect(host, port)
  File "ssmtplib.py", line 131, in connect
    self.sock = smtplib.SSLFakeSocket(self.sock, sslobj)
AttributeError: 'module' object has no attribute 'SSLFakeSocket'
>>>

I have attached a diff of notification.py that works with python 2.6 (and only >2.6 because it uses the standard SMTP_SSL class).

by Farhan Ahmad <farhan@…>, 16 years ago

Attachment: notification.py.diff added

Diff of notification.py with python 2.6 SMTP_SSL support

comment:13 by anonymous, 13 years ago

notification.py bu dosya nerde ?

in reply to:  13 ; comment:14 by Christian Boos, 13 years ago

Replying to anonymous:

notification.py bu dosya nerde ?

If this was not SPAM, please restate in English. Thanks!

comment:15 by Peter Suter, 12 years ago

Component: ticket systemnotification

in reply to:  14 comment:16 by Steffen Hoffmann, 12 years ago

Replying to cboos:

Replying to anonymous:

notification.py bu dosya nerde ?

If this was not SPAM, please restate in English. Thanks!

Not knowing a single bit of that language myself, but a quick research yields an exact hit in a Turkish forum, and querying dict.cc about these and similar terms in Turkish suggest

"notification.py - where is this file to be found."

comment:17 by Steffen Hoffmann, 12 years ago

This issue has erroneously been reported for th:AnnouncerPlugin in th:#10484 as well.

comment:18 by Ryan J Ollos, 9 years ago

Owner: Jonas Borgström removed

Modify Ticket

Change Properties
Set your email in Preferences
Action
as new The ticket will remain with no owner.
The ticket will be disowned.
as The resolution will be set. Next status will be 'closed'.
The owner will be changed from (none) to anonymous. Next status will be 'assigned'.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.