Fix SMTPS / implicit TLS #292
Conversation
|
I would like to see a test that can confirm this behavior - ideally one that we could run in the automated tests, but I'd even be OK with one that we could run out of band 🤔 @strongholdmedia are you able to do that in the next week or two? |
|
@waynew well, my schedule is unusually overcrowded for the end of the year, but I can probably manage it in say, three weeks, if not two. EDIT: if this is to serve some release deadline purpose, I will try to adhere to some stricter timeline. |
|
No worries - we've definitely seem some ebb in our activity 😅 obviously I'm getting back into the flow here. If you can get it, that would be awesome - but I realize that life might be happening. Either way, I'm going to do what I can to get all these changes in before I cut a release. |
|
Ohhh this is nice ... but a bit complex-y... I really want to merge this, but let's do it after 1.4.3 goes final. We're trying to ensure projects that depends on aiosmtpd to have time to test with 1.4.3 and make the Debian Freeze (see #322 ) |
I still don't really understand this issue. |
|
@waynew I checked stuff and it seems that a very basic test case is provided historically for SMTPS. I tried to extend it somewhat, for the mere sake of activity :) but I have a hard time figuring out tox's "internal error" that it throws on me during coverage testing (with the main branch as well, so nothing specific to the changes). On the other hand, the basic test case may already suffice, as:
As such, I am not quite sure what to test further – as you either have TLS wrapping, and everything appears as if it was plaintext, or you have no TLS wrapping when you expect it, and you get random "binary" garbage. Meanwhile I merged upstream changes so that it is not outdated any further. |
|
Ah, now I see that there should probably be a test case for #281 (that is, having AUTH in the EHLO response). |
|
I checked smtplib docs and the test should work as it is. But I won't know until the workflow is authorized, as sadly, I must be missing something with the tox environments. |
|
Whoops got this error:
If you can add another commit to your |
|
I did, thanks. The previous test used the hardcoded response string for comparison, but the EHLO method returns a tuple IIRC. |
The previous test actually compares the tuple returned to a well-known tuple 'constant' in another file. Just because I got tired of checking both the code and the string returned separately, every time 😄 |
|
Coming nearer to fixing this! Only 2 failed tests actually, though spread across all the OSes 😆 Fail No. 1 Will need to change the expected string 😊 Fail No. 2 This might need a bit deeper digging; seems like Edit: I think you need to drop line |
Well, the complaint in #281 was (duly so) that AUTH is not provided when using SMTPS. (I.e. handled as plaintext.) This is now definitely fixed, I tested it manually yesterday (running the module directly). Currently if a "ssl" prop (a TLS context) is provided to So that I need to figure out how to pass a pre-wired TLS context to the constructor within the test (i.e. where to get key and cert from), then it should work. EDIT: yes, this, with what you have stated already, should definitely mean the "SMTPS" test was always running in plain unsecured mode. :/ |
|
aiosmtpd/tests/certs/server.crt should be the cert you're looking for 👍 |
Aren't we supposed to refresh that cert every now and then? |
I see it is valid until |
|
I missed the fact that all "extra" arguments are passed to the factory, then the controller, and finally to |
|
Wow, this time the change caused all jobs to fail. All jobs fail at exactly the same test case: |
pepoluan
added
enhancement
in progress
|
Well, my bad, it was not a change now but 2 days ago, which was some sort of leftover attempt. :/ But removed it now. @pepoluan all jobs failed previously as well, just – probably due to system congestion – they took longer to fail :) |
Codecov Report
@@ Coverage Diff @@
## master #292 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 7 7
Lines 1696 1697 +1
Branches 310 310
=========================================
+ Hits 1696 1697 +1
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
It expired a year or two ago, breaking all the tests. So I went ahead and generated one that was good for 100 years, since it's only used in testing. Next time it needs help it won't be my problem |
At the moment I'm really concerned with the deprecation of So I'm prioritizing #355 first. |
| tls_context: Optional[ssl.SSLContext] = None, | ||
| require_starttls: bool = False, | ||
| is_using_smtps: bool = False, |
There was a problem hiding this comment.
After doing some tracing, a thought occurred to me:
Implicit TLS (SMTPS) is triggered if tls_context is set, right?
Can we just set is_using_smtps attribute from that? So self._is_using_smtps = (tls_context is not None)?
I might've overlooked something, so I welcome a discussion here.
There was a problem hiding this comment.
Well, yes and no.
For once, tls_context is for STARTTLS; SMTPS uses ssl_context. (This was already such before, I did not change it.)
Otherwise we could set that, yep, but this option communicates clear intent.
As you've noted in #281, there is no possible means for detecting whether or not we are using implicit TLS (SMTPS) within the SMTP class.
This goes to the extent that ssl_context is actually not used by the SMTP class at all.
It is still kept by me, as if later authentication methods will require e.g. client re-validation or something, it could happen.
But unlike is_using_smtps, ssl_context may or may not be an explicit intent.
ssl_context being None could equally mean "should not use SMTPS", as well as "hey, we/they/... failed to handle a key / cert error / expiry / ... somewhere".
But as per the above, there is no means to detect whichever from inside the SMTP class; as such, if the described scenario happens, the client/user would just note that "hey, we don't have AUTH", or even "got SMTP error, pls help, it worked yesterday".
Currently, if is_using_smtps is set with no ssl_context, it should present an error.
I understand your point and will change it if that'd be the agreement, but I feel that would be a technically less correct approach.
|
Moved this to 1.4.4 milestone because it doesn't seem to cause any b0rkages. However, refraining from merging until the 'discussion' above has been resolved. |
|
Could this please be merged and a fixed version released? :) As a user I do not really care if you can pass stupid combinations of arguments or set attributes that would silence the warnings without actually using TLS. What I do care about is not having to use |
What do these changes do?
Allow for implicit TLS usage (based solely on provided context data as, like @pepoluan mentioned in #281, it is not quite feasible to detect any wrapping (nor should it be done).
Are there changes in behavior for the user?
Should not be any, as the only change affects a feature that did not quite work, like, ever.
Related issue number
Fixes #274 and most likely also closes #281.
Checklist
{py36,py37,py38,py39}-{nocov,cov,diffcov}, qa, docs{py36,py37,py38,py39}-{nocov,cov,diffcov}{py36,py37,py38,py39}-{nocov,cov,diffcov}, pypy3-{nocov,cov}, qa, docs{py36,pypy3}-{nocov,cov,diffcov}, qapy36-{nocov,cov,diffcov}, qa, docsNEWS.rstfile