Bug #58002 for libnet: libnet: Net::SMTP->auth() forces SASL methods (including broken DIGEST-MD5)

Net::SMTP (in libnet) provides a auth() method which will do SMTP AUTH against the mail server prior to attempting to send mail. This auto-detects the SMTP AUTH methods available and (AFAICT) always uses the first one that is reported, even if the caller knows that method will not work (in my case DIGEST-MD5 appears not to work; see below). The auth() method provides an option to receive an Authen::SASL object as the "username" parameter, rather than username/password in plain text, which has been preconfigured with the necessary authentication parameters. Howver Net::SMTP in libnet 1.22 and 1.22_01 explicitly overrides the specified mechanisms in the provided Authen::SASL object, which means that it will use the first reported SMTP AUTH mechanism (even if the caller knows that it won't work). A simple patch would change Net::SMTP::auth() so that it uses the specified SMTP AUTH mechanism(s), and conveniently falls back to the auto-detected approach if none is specified: -=- cut here -=- ewen@bethel:~$ diff -u /tmp/Net-SMTP.pm /opt/local/lib/perl5/5.8.9/Net/SMTP.pm --- /tmp/Net-SMTP.pm 2010-06-01 09:23:57.000000000 +1200 +++ /opt/local/lib/perl5/5.8.9/Net/SMTP.pm 2010-06-01 09:22:23.000000000 +1200 @@ -124,7 +124,10 @@ if (ref($username) and UNIVERSAL::isa($username, 'Authen::SASL')) { $sasl = $username; - $sasl->mechanism($mechanisms); + my $requested_mechanisms = $sasl->mechanism(); + if (! defined($requested_mechanisms) || $requested_mechanisms eq '') { + $sasl->mechanism($mechanisms); + } } else { die "auth(username, password)" if not length $username; -=- cut here -=- (viz rather than explicitly forcing the methods set them only if the provided object doesn't have any set). Ewen DIGEST-MD5 auth failing against (at least) Sendmail 8.14: Given a trivial test script against test.smtp.org (http://test.smtp.org/), using MIME::Lite which then calls Net::SMTP when in "smtp" mode: -=- cut here -=- #! /usr/bin/env perl use MIME::Lite; use Authen::SASL; my $auth = Authen::SASL->new(# mechanism => 'CRAM-MD5 LOGIN PLAIN', callback => { user => 'user17', pass => 'pass17', authname => 'user17' }); MIME::Lite->send('smtp', 'test.smtp.org', AuthUser => $auth, AuthPass => 'pass16'); my $msg = MIME::Lite->new( From => 'user@example.com', To => 'bit-bucket@test.smtp.org', Subject => 'Test relayed message', Type => 'multipart/mixed', Datestamp => 0, # Let mailserver create Date: ) || die "Unable to create new message: $!\n"; # Else need Mail::Date::Format $msg->attach( Type => 'TEXT', Data => 'Test message from MIME::Lite', ); print $msg->as_string; $msg->send(); -=- cut here -=- the message will fail to be delivered with: SMTP mail() command failed: because the remote Sendmail server closes the connection after doing DIGEST-MD5 and receiving the MAIL FROM: line (even though it reports that the SMTP AUTH was successful). TCP session looks like: -=- cut here -=- 220 test.smtp.org ESMTP Sendmail 8.14.4.Alpha1 ready at Mon, 31 May 2010 13:59:01 -0700 (PDT); see http://test.smtp.org/ EHLO localhost.localdomain 250-test.smtp.org Hello 203-167-144-68.cable.telstraclear.net [203.167.144.68], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-EXPN 250-VERB 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN ANONYMOUS 250-STARTTLS 250-DELIVERBY 250 HELP AUTH DIGEST-MD5 334 bm9uY2U9Ik5KYWh6dUVaNDkwcEpFYzhDUWlpc0pYQlVvdjFMYUVDd0VpVjJlYk0vOFU9IixyZWFsbT0idGVzdC5zbXRwLm9yZyIscW9wPSJhdXRoLGF1dGgtaW50LGF1dGgtY29uZiIsY2lwaGVyPSJyYzQtNDAscmM0LTU2LHJjNCxkZXMsM2RlcyIsbWF4YnVmPTgxOTIsY2hhcnNldD11dGYtOCxhbGdvcml0aG09bWQ1LXNlc3M= YXV0aHppZD0idXNlcjE2IixjaGFyc2V0PXV0Zi04LGNub25jZT0iYzE3MDgxNDE4YmQ0MzE1YjZkMzMxYTUzMDY1YmNlN2UiLGRpZ2VzdC11cmk9InNtdHAvdGVzdC5zbXRwLm9yZyIsbmM9MDAwMDAwMDEsbm9uY2U9Ik5KYWh6dUVaNDkwcEpFYzhDUWlpc0pYQlVvdjFMYUVDd0VpVjJlYk0vOFU9Iixxb3A9YXV0aC1pbnQscmVhbG09InRlc3Quc210cC5vcmciLHJlc3BvbnNlPWU2ZjJjZDFlNTM4MzQxOTA4OTI3YTAxZDg3ZmIwOTFmLHVzZXJuYW1lPSJ1c2VyMTYi 334 cnNwYXV0aD04YTU5NTFmNWRhM2U1NzgxNDA4YTg3MmNlYjZiODc4NQ== 235 2.0.0 OK Authenticated MAIL FROM:<test@example.com> -=- cut here -=- Logs from mail server look like: -=- cut here -=- May 31 14:22:55 zim testmail[1613]: AUTH=server, relay=203-167-144-68.cable.telstraclear.net [203.167.144.68], authid=user17, mech=DIGEST-MD5, bits=1 May 31 14:22:55 zim testmail[1613]: encoded packet size too big (1296124236 > 8192) May 31 14:22:55 zim testmail[1613]: AUTH: sasl_decode error=-1 May 31 14:22:55 zim testmail[1613]: o4VLMsgN001613: 203-167-144-68.cable.telstraclear.net [203.167.144.68] did not issue MAIL/EXPN/VRFY/ETRN during connection to testv4 -=- cut here -=- This also fails to another Sendmail SMTP Server used by a client, which is where I first encountered the problem. SMTP AUTH Digest-MD5 does work to both servers using, eg, msmtp (http://msmtp.sourceforge.net/) so the servers do appear to have working DIGEST-MD5 support.