This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Title: smtplib starttls() should ehlo() if it needs to
Type: enhancement Stage:
Components: Library (Lib) Versions: Python 2.4, Python 2.6, Python 2.5
Status: closed Resolution: accepted
Dependencies: Superseder:
Assigned To: gregory.p.smith Nosy List: fenner, gregory.p.smith, gvanrossum, jamesh, jcea
Priority: normal Keywords: easy

Created on 2007-10-26 23:26 by fenner, last changed 2022-04-11 14:56 by admin. This issue is now closed.

File name Uploaded Description Edit
smtplib-startls-ehlo.diff fenner, 2007-10-30 17:38
Messages (6)
msg56829 - (view) Author: Bill Fenner (fenner) Date: 2007-10-26 23:26
smtplib's "complex" methods, login and sendmail, try to EHLO or HELO if 
it hasn't been done yet.  login also checks to see if the EHLO response 
included the ability to do authorization.

starttls seems to me to be similar in nature: why should it not try to 
EHLO or HELO, and check that self.has_extn("starttls")?
msg56914 - (view) Author: Guido van Rossum (gvanrossum) * (Python committer) Date: 2007-10-29 17:35
You'll get more traction on this if you submit a patch.
msg56965 - (view) Author: Bill Fenner (fenner) Date: 2007-10-30 17:38
I've attached a patch against 2.4.3.

The patch does the following:
- Factor out the duplication of EHLO/HELO in login() and sendmail() to a 
new function, ehlo_or_helo_if_needed().
- Use ehlo_or_helo_if_needed() in starttls()
- Check for the starttls exception in starttls() in the same way as 
login() checks for the auth extension.
msg59817 - (view) Author: James Henstridge (jamesh) Date: 2008-01-12 13:46
From RFC 2487 section 5.2: "The client MUST discard any knowledge
obtained from the server, such as the list of SMTP service extensions,
which was not obtained from the TLS negotiation itself. The client
SHOULD send an EHLO command as the first command after a successful TLS

So the starttls() method should probably also be clearing helo_resp and
ehlo_resp (and maybe anything else discovered by ehlo()).

There are servers in the wild that will (a) refuse to talk to you unless
you issue another EHLO after TLS is negotiated and (b) offer a different
set of ESMTP features (such as only supporting SMTP AUTH after TLS). 
This patch isn't enough to talk to such servers.
msg60012 - (view) Author: Bill Fenner (fenner) Date: 2008-01-17 01:37
jamesh, I attached the patch for that to the already-existing bug, filed 
in 2003:
msg60022 - (view) Author: Gregory P. Smith (gregory.p.smith) * (Python committer) Date: 2008-01-17 08:37
Accepted and applied, with appropriate documentation updates.

In svn trunk r60020 for 2.6.
Date User Action Args
2022-04-11 14:56:27adminsetgithub: 45680
2008-01-17 08:37:34gregory.p.smithsetstatus: open -> closed
resolution: accepted
messages: + msg60022
versions: + Python 2.6, Python 2.5
2008-01-17 02:08:30gregory.p.smithsetassignee: gregory.p.smith
2008-01-17 02:06:04gregory.p.smithsetnosy: + gregory.p.smith
2008-01-17 01:37:25fennersetmessages: + msg60012
2008-01-16 02:22:54jceasetnosy: + jcea
2008-01-12 13:46:35jameshsetnosy: + jamesh
messages: + msg59817
2008-01-12 01:43:34akuchlingsetkeywords: + easy
2007-10-30 17:38:28fennersetfiles: + smtplib-startls-ehlo.diff
messages: + msg56965
2007-10-29 17:35:19gvanrossumsetnosy: + gvanrossum
messages: + msg56914
2007-10-26 23:26:14fennercreate