Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork33.3k
Closed
Assignees
Description
Bug report
Bug description:
When using smtplib to send emails in an environment where MD5 is not supported (e.g. FIPS), using SMTP.login to authenticate with an SMTP server will fail with:
File "/usr/lib64/python3.9/smtplib.py", line 739, in login (code, resp) = self.auth( File "/usr/lib64/python3.9/smtplib.py", line 652, in auth authobject(challenge).encode('ascii'), eol='') File "/usr/lib64/python3.9/smtplib.py", line 670, in auth_cram_md5 return self.user + " " + hmac.HMAC( File "/usr/lib64/python3.9/hmac.py", line 60, in _init_ self._init_hmac(key, msg, digestmod) File "/usr/lib64/python3.9/hmac.py", line 69, in _init_hmac self._hmac = _hashopenssl.hmac_new(key, msg, digestmod=digestmod)ValueError: [digital envelope routines] unsupportedThe docs for SMTP.login say:
"Each of the authentication methods supported bysmtplib are tried in turn if they are advertised as supported by the server."
But the problem here is auth_cram_md5 is always attempted first and the ValueError is not caught so smtplib never moves on to other authentication methods
CPython versions tested on:
3.9
Operating systems tested on:
Linux
Linked PRs
- gh-136134: Fallback to next auth method when CRAM-MD5 fails due to unsupported hash (e.g. FIPS) #136188
- gh-136134: imaplib: fix CRAM-MD5 on FIPS-only environments #136615
- [3.14] gh-136134: imaplib: fix CRAM-MD5 on FIPS-only environments (GH-136615) #138051
- [3.14] gh-136134: imaplib: fix CRAM-MD5 on FIPS-only environments (GH-136615) #138054
- [3.13] gh-136134: imaplib: fix CRAM-MD5 on FIPS-only environments (GH-136615) #138055
- gh-136134: smtplib: fix CRAM-MD5 on FIPS-only environments #136623
- [3.14] gh-136134: smtplib: fix CRAM-MD5 on FIPS-only environments (GH-136623) #138086
- [3.13] gh-136134: smtplib: fix CRAM-MD5 on FIPS-only environments (GH-136623) #138087
- gh-136134: restore truncated comment post GH-136623 #138088