GNU bug report logs - #78366
30.1; auth-source-xoauth2-plugin conflicts with multiple Google accounts

Previous Next

Package: emacs;

Reported by: Anush V <j <at> gnu.org>

Date: Sun, 11 May 2025 02:46:02 UTC

Severity: normal

Tags: fixed

Found in version 30.1

Fixed in version 31.1

Done: Robert Pluim <rpluim <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

Message #35 received at 78366 <at> debbugs.gnu.org (full text, mbox):

From: Xiyue Deng <manphiz <at> gmail.com>
To: Robert Pluim <rpluim <at> gmail.com>
Cc: 78366 <at> debbugs.gnu.org, Anush V <j <at> gnu.org>
Subject: Re: bug#78366: 30.1; auth-source-xoauth2-plugin conflicts with
 multiple Google accounts
Date: Fri, 16 May 2025 02:58:39 -0700

[Message part 1 (text/plain, inline)]
Xiyue Deng <manphiz <at> gmail.com> writes:

> Hi Robert,
>
> Robert Pluim <rpluim <at> gmail.com> writes:
>
>>>>>>> On Thu, 15 May 2025 00:17:02 -0700, Xiyue Deng <manphiz <at> gmail.com> said:
>>
>>     Xiyue> Thanks for the insights! I managed to reproduce the issue, and during
>>     Xiyue> debugging I got the list from the reply as Anush mentioned.  Turned out
>>     Xiyue> that the return code was 334 server challenge[1], so it was waiting for
>>     Xiyue> the correct user and password.  Sometimes this was directly considered
>>     Xiyue> authentication unsuccessful for Gmail[2].  `smtpmail-ok-p' considers a
>>     Xiyue> return code less than 400 as successful, and only has challenge handling
>>     Xiyue> implemented in cram-md5.  As we should be providing the correct
>>     Xiyue> credentials directly in xoauth2, 334 is effectively a failure.
>>
>>     Xiyue> Maybe in `smtpmail-try-auth-method' for xoauth2, if we see return code
>>     Xiyue> 334, we should change the return value to "535 5.7.8 Authentication
>>     Xiyue> credentials invalid".  Would like to see whether the Emacs maintainers
>>     Xiyue> this is a good idea.
>>
>> Itʼs either that, or change `smtpmail-ok-p' to accept a second
>> optional parameter for which codes to accept for success, which seems
>> like overkill here.
>>
>
> In this case it's more like which codes not to accept (334), but I agree
> `smtpmail-ok-p' is probably the wrong place to handle that.
>
> I'll work on a patch for `smtpmail-try-auth-method' later.
>

A draft patch is attached, please take a look.

-- 
Regards,
Xiyue Deng

[0001-Make-xoauth2-auth-fail-when-a-smtp-server-replies-33.patch (text/x-diff, attachment)]
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 39 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.