Re: [PATCH] send-email: provide port separately from hostname
On Fri, Jul 05, 2013 at 04:12:19AM +0530, Ramkumar Ramachandra wrote: > Hm, so the problem occurs when you give smtp_host_string() to > Net::SMTP->new() as the first argument. Yes. I created a test program, and Net::SMTP was fine as long as I used Port, but failed when I included the port in the hostname string. Arguably this is a bug in Net::SMTP. > So if smtp_host_string() returns a hostname without a port, then > Net::SMTP->new() will connect to port 25 by default? Correct. Port 25 is the default for Net::SMTP, so there's no change in behavior. > I need to be in a (firewalled?) network that uses Kerberos to > reproduce this, right? Even if I can't reproduce it, the change seems > to be fine. You need to have access to a mail server that will only relay when authenticated, and only accepts GSSAPI. My personal server accepts GSSAPI always and PLAIN only when TLS is enabled, so I just turned off TLS temporarily to test. As for Kerberos, yes, you'd need to have it set up to reproduce this. > While we're on the subject, do you know how to get rid of this huge > ugly warning I get everytime I send emails? > > *** > Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client > is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER > together with SSL_ca_file|SSL_ca_path for verification. > If you really don't want to verify the certificate and keep the > connection open to Man-In-The-Middle attacks please set > SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application. > *** > at /home/artagnon/src/git/git-send-email line 1200. You need to explicitly specify an SSL_verify_mode argument to start_SSL. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187 signature.asc Description: Digital signature
Re: [PATCH] send-email: provide port separately from hostname
brian m. carlson wrote:
> diff --git a/git-send-email.perl b/git-send-email.perl
> index bd13cc8..ca86a13 100755
> --- a/git-send-email.perl
> +++ b/git-send-email.perl
> @@ -1199,9 +1199,11 @@ X-Mailer: git-send-email $gitversion
> else {
> require Net::SMTP;
> $smtp_domain ||= maildomain();
> - $smtp ||= Net::SMTP->new(smtp_host_string(),
Hm, so the problem occurs when you give smtp_host_string() to
Net::SMTP->new() as the first argument.
> + $smtp_server_port ||= 25;
So if smtp_host_string() returns a hostname without a port, then
Net::SMTP->new() will connect to port 25 by default?
> If the SMTP port is provided as part of the hostname to Net::SMTP, it passes
> the combined string to the SASL provider; this causes GSSAPI authentication to
> fail since Kerberos does not want the port information. Instead, pass the
> port
> as a separate argument as is done for SSL connections.
I need to be in a (firewalled?) network that uses Kerberos to
reproduce this, right? Even if I can't reproduce it, the change seems
to be fine.
While we're on the subject, do you know how to get rid of this huge
ugly warning I get everytime I send emails?
***
Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
together with SSL_ca_file|SSL_ca_path for verification.
If you really don't want to verify the certificate and keep the
connection open to Man-In-The-Middle attacks please set
SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
***
at /home/artagnon/src/git/git-send-email line 1200.
Thanks.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
