GNU bug report logs - #31990
26.1; Stuck in loop trying to send bug report

Previous Next

Package: emacs;

Reported by: Live System User <nyc4bos <at> aol.com>

Date: Wed, 27 Jun 2018 23:56:02 UTC

Severity: normal

Tags: fixed

Merged with 26359, 35682

Found in versions 25.2, 26.1, 27.0.50

Fixed in version 27.1

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Live System User <nyc4bos <at> aol.com>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 31990 <at> debbugs.gnu.org
Subject: bug#31990: 26.1; Stuck in loop trying to send bug report
Date: Mon, 20 Aug 2018 23:56:18 -0400

Robert Pluim <rpluim <at> gmail.com> writes:

> Live System User <nyc4bos <at> aol.com> writes:
>
>>> Then how do you expect emacs to know that for those 2 particular
>>> servers it should prompt straight away?
>>
>>   Because (I believe) that the protocol requires a "password" or
>>   certificate.
>
> Thatʼs unfortunately not the way SMTP authentication works,

  I thought from my original message that you responded to that
  you understood that the "protocol" I'm referring to (above) is
  TLS (in conjunction with SMTP), not SMTP separately or in the
  absense of a TLS connection.

  Perhaps we are miscommunicating?

>                        itʼs very
> much optional

  I believe that either a "password" or a certicate is needed
  to establish a TLS conection and not optional.

>               (and some servers change their authentication
> requirements based on the recipient of the mail youʼre trying to
> send).

  Are we still talking about TLS connectons?
  
  Unless there is NO authenication required, a changed authenication
  requirement is still an authenication requiring a "password" or
  certificate if it involves TLS, nonetheless.

  That valid "password" can even be blank, an email address or anything
  (including the recipient) depending on the server's valid authenication
  method.

  I'm saying that I believe the SSL/TLS or STARTTLS protocols require
  a "password" or certficate.  Are you saying that's incorrect or it's
  not necessarily so?
>
>>
>>>                                         Or are you asking for a
>>> generic 'if AUTH in capabilities then prompt username and password'
>>> feature?
>>
>>   I'm requesting to restore the capability that
>>   `smtpmail-auth-credentials' provided previously.
>>
>>>
>>>>   Previously, one used `smtpmail-auth-credentials' for this.
>>>
>>> Which as Eli points out needed to be stored somewhere as well.
>>
>>   But it doesn't have to be stored on *disk*.
>>
>>   It can be defined anew each Emacs session and thus only "stored"
>>   in *memory*.
>
> I would find it very annoying to have to do that, but to each his
> own. I doubt that having the username in memory is any more secure
> than having it in an encrypted file.

  I'm sure that there are those that feel that same way about passwords.

  And even so they still feel more comfortable not storing their
  passsword, even in an encryped file, on disk.
>
> Having said that, there might be a case that smtpmail should prompt
> for authentication if smtpmail-smtp-user is set even without a
> corresponding .authinfo setting. Iʼll take a look.

  `smtpmail-auth-credentials' use to facilitate this.

  A similiar methodology would suffice.

>                                  Iʼll take a look.

  Thanks.
>
> Robert
This bug report was last modified 5 years and 295 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.