git send-email and courier mysql

Today I fought with git and the addon send-email of it to send my patches. It always complained about mail authentication failed.

So I debugged and debugged. In the end I did a manual smpt session with auth cram-md5 via telnet into my mail server. This ended in an authentication failed too!! So why?!?

The problem is with the auth data of courier which uses mysql in the backend.
Courier mysql can’t do a auth cram-md5 when you only use encrypted passwords in the db.

As soon as I put my password into the mysql column cleartextpwd, auth cram-md5 and so git send-email worked perfectly.

As the encrypted passwords can’t be decrypted, it is logical that courier needs the plaintext passwords, but it definitley should report this in the logs!!

On the other hand, I didn’t found any setting for the used auth method in git send-email. When I would be able to set it to login or something like that, I would be able to use it.

Ciao Thilo

PS: For all of you who wonder how the cram-md5 auth would work with telnet, here is a php script which I wrote to scramble the challenge, username and password:

It’s called with the parameters: challenge username password

like:         php test.php PDQzHERwQUExQjYzQTc3QzIzMDQ1UIO5RjcyMzc0NDQyQHNwaWVscLzuiHo+  theUsername  thePassword

this will output this: dGhlVXNlcm5hbWUgZjZkODliN2Y1YWI2ZGRiNDM1ZDk5MWUyNzI0OTQyY2I= which must be send to server.

#!/usr/bin/php
<?PHP
if(count($argv) != 4) { exit(‘Wrong parameter count’); }

$challenge = $argv[1];
$username  = $argv[2];
$password  = $argv[3];

$secret = hash_hmac(‘md5′, base64_decode($challenge), $password, TRUE);
echo base64_encode($username.’ ‘.bin2hex($secret));
?>

 

 

This entry was posted in Linux. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *