[FIX] ir.mail_server: SMTP user and pass should be passed as bytes to login()

Passing a unicode used to work in Python 2.5 but that changed in 2.6 due to a change in the hmac module. In any case the various RFCs that describe such authentication mechanism do specify that UTF-8 encoded values should be used, so we should be safe coercing the user and passsword to UTF-8 bytes strings. And of course it should not change anything for the ASCII passwords out there anyway. For references, see: - Zope bug https://bugs.launchpad.net/zope.sendmail/+bug/597143 - Python issue http://bugs.python.org/issue5285 - http://tools.ietf.org/html/draft-ietf-sasl-crammd5-10#section-4 bzr revid: odo@openerp.com-20120312174348-iiqfa2toupn3udr3
2012-03-12 18:43:48 +01:00 · 2012-03-12 18:43:48 +01:00 · e74c011a60
parent f817f3f340
commit e74c011a60
1 changed files with 5 additions and 0 deletions
--- a/openerp/addons/base/ir/ir_mail_server.py
+++ b/openerp/addons/base/ir/ir_mail_server.py
@ -232,6 +232,11 @@ class ir_mail_server(osv.osv):

        if user:
            # Attempt authentication - will raise if AUTH service not supported
+            # The user/password must be converted to bytestrings in order to be usable for
+            # certain hashing schemes, like HMAC.
+            # See also bug #597143 and python issue #5285
+            user = tools.ustr(user).encode('utf-8')
+            password = tools.ustr(password).encode('utf-8') 
            connection.login(user, password)
        return connection