search

python / cpython

The Python programming language
https://www.python.org
Other
62.04k stars 29.82k forks source link

Add support for AUTH command to poplib #64551

Open 9864e910-ed02-40a6-beee-6177577063f0 opened 10 years ago

9864e910-ed02-40a6-beee-6177577063f0 commented 10 years ago
BPO 20352
Nosy @warsaw, @bitdancer
Files
  • poplib_auth.patch: Initial patch
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields: ```python assignee = None closed_at = None created_at = labels = ['easy', 'type-feature', 'library', 'expert-email'] title = 'Add support for AUTH command to poplib' updated_at = user = 'https://bugs.python.org/dveeden' ``` bugs.python.org fields: ```python activity = actor = 'r.david.murray' assignee = 'none' closed = False closed_date = None closer = None components = ['Library (Lib)', 'email'] creation = creator = 'dveeden' dependencies = [] files = ['33651'] hgrepos = [] issue_num = 20352 keywords = ['patch', 'easy'] message_count = 4.0 messages = ['208837', '208841', '208904', '208923'] nosy_count = 3.0 nosy_names = ['barry', 'r.david.murray', 'dveeden'] pr_nums = [] priority = 'normal' resolution = None stage = 'needs patch' status = 'open' superseder = None type = 'enhancement' url = 'https://bugs.python.org/issue20352' versions = ['Python 3.5'] ```

    9864e910-ed02-40a6-beee-6177577063f0 commented 10 years ago

    I use 'AUTH PLAIN \<secret>' to login to a POP3 server with a proxy user. I can't use 'pass_()' as I need to supply a admin user and the user to proxy into.

    class adminpopserver(poplib.POP3):
    def auth(self, method, secret):
        return self._shortcmd('AUTH %s %s' % (method, secret))

secret = "{user}\0{adminuser}\0{password}".format(
    user=user, 
    adminuser=adminuser, 
    password=password)
secret = secret.encode('base64').strip('\n')
    bitdancer commented 10 years ago

    This is basically rfc 5034 support? Sounds like a good idea.

    I'm going to mark this issue as 'easy' because it isn't a whole lot of code, but for anyone who wants to tackle it, know that understanding the RFC and getting it *right* is not necessarily trivial, because: rfc :)

    9864e910-ed02-40a6-beee-6177577063f0 commented 10 years ago

    As far as I understood the RFC:

    A client should send CAPA and check if there is a SASL tag in the response (e.g. "SASL PLAIN").

    \=============================== +OK Dovecot ready. AUTH PLAIN base64_encoded_info +OK Logged in. LIST \=============================== I've replace the base64 encoded authentication info with 'base64_encoded_info'

    For other authentication mechanisms the response can be longer (it may contain a challenge) and the request may only contain the mechanim.

    I don't have a server which supports anything else than AUTH PLAIN, so I could verify/test this.

    bitdancer commented 10 years ago

    imaplib has an API for handling that kind of thing. Maybe we can model the poplib support off of that API. It would be nice to be consistent, assuming it in fact makes sense for poplib as well.