| Message ID | 20181018211527.25597-1-JPEWhacker@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | send-email: explicitly disable authentication | expand |
On Thu, Oct 18, 2018 at 5:16 PM Joshua Watt <jpewhacker@gmail.com> wrote: > It can be necessary to disable SMTP authentication by a mechanism other > than sendemail.smtpuser being undefined. For example, if the user has > sendemail.smtpuser set globally but wants to disable authentication > locally in one repository. > > --smtp-auth and sendemail.smtpauth now understand the value 'none' which > means to disable authentication completely, even if an authentication > user is specified. Implementation complexity aside, spelling the option --no-smtp-auth might be more intuitive and consistent than --smtp-auth=none. > The value 'none' is lower case to avoid conflicts with any RFC 4422 > authentication mechanisms. > > Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
On Thu, 2018-10-18 at 17:53 -0400, Eric Sunshine wrote: > On Thu, Oct 18, 2018 at 5:16 PM Joshua Watt <jpewhacker@gmail.com> > wrote: > > It can be necessary to disable SMTP authentication by a mechanism > > other > > than sendemail.smtpuser being undefined. For example, if the user > > has > > sendemail.smtpuser set globally but wants to disable authentication > > locally in one repository. > > > > --smtp-auth and sendemail.smtpauth now understand the value 'none' > > which > > means to disable authentication completely, even if an > > authentication > > user is specified. > > Implementation complexity aside, spelling the option --no-smtp-auth > might be more intuitive and consistent than --smtp-auth=none. One advantage of --smtp-auth=none is that it can also be done with a config variable sendemail.smtpauth="none". Would be also add a config variable like sendemail.nosmtpauth (the negative seems strange to me)? Or maybe --no-smtp-auth is just a shorthand alias for --smtp-auth=none? > > > The value 'none' is lower case to avoid conflicts with any RFC 4422 > > authentication mechanisms. > > > > Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
On Thu, Oct 18, 2018 at 6:02 PM Joshua Watt <jpewhacker@gmail.com> wrote: > On Thu, 2018-10-18 at 17:53 -0400, Eric Sunshine wrote: > > On Thu, Oct 18, 2018 at 5:16 PM Joshua Watt <jpewhacker@gmail.com> > > wrote: > > Implementation complexity aside, spelling the option --no-smtp-auth > > might be more intuitive and consistent than --smtp-auth=none. > > One advantage of --smtp-auth=none is that it can also be done with a > config variable sendemail.smtpauth="none". Would be also add a config > variable like sendemail.nosmtpauth (the negative seems strange to me)? I would not expect to see a "negating" config variable like that. I was just suggesting that a "--no-*" command-line option might be more intuitive. > Or maybe --no-smtp-auth is just a shorthand alias for --smtp-auth=none? That's one possibility.
diff --git a/Documentation/git-send-email.txt b/Documentation/git-send-email.txt index 465a4ecbe..751a4851e 100644 --- a/Documentation/git-send-email.txt +++ b/Documentation/git-send-email.txt @@ -190,7 +190,9 @@ $ git send-email --smtp-auth="PLAIN LOGIN GSSAPI" ... If at least one of the specified mechanisms matches the ones advertised by the SMTP server and if it is supported by the utilized SASL library, the mechanism is used for authentication. If neither 'sendemail.smtpAuth' nor `--smtp-auth` -is specified, all mechanisms supported by the SASL library can be used. +is specified, all mechanisms supported by the SASL library can be used. The +special value 'none' maybe specified to completely disable authentication +independently of `--smtp-user` --smtp-pass[=<password>]:: Password for SMTP-AUTH. The argument is optional: If no diff --git a/git-send-email.perl b/git-send-email.perl index 2be5dac33..4a74cd350 100755 --- a/git-send-email.perl +++ b/git-send-email.perl @@ -82,7 +82,8 @@ sub usage { Pass an empty string to disable certificate verification. --smtp-domain <str> * The domain name sent to HELO/EHLO handshake - --smtp-auth <str> * Space-separated list of allowed AUTH mechanisms. + --smtp-auth <str> * Space-separated list of allowed AUTH mechanisms, or + "none" to disable authentication. This setting forces to use one of the listed mechanisms. --smtp-debug <0|1> * Disable, enable Net::SMTP debug. @@ -1241,7 +1242,7 @@ sub smtp_host_string { # (smtp_user was not specified), and 0 otherwise. sub smtp_auth_maybe { - if (!defined $smtp_authuser || $auth) { + if (!defined $smtp_authuser || $auth || $smtp_auth eq "none") { return 1; }
It can be necessary to disable SMTP authentication by a mechanism other than sendemail.smtpuser being undefined. For example, if the user has sendemail.smtpuser set globally but wants to disable authentication locally in one repository. --smtp-auth and sendemail.smtpauth now understand the value 'none' which means to disable authentication completely, even if an authentication user is specified. The value 'none' is lower case to avoid conflicts with any RFC 4422 authentication mechanisms. Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> --- Documentation/git-send-email.txt | 4 +++- git-send-email.perl | 5 +++-- 2 files changed, 6 insertions(+), 3 deletions(-)