[issue10287] NNTP authentication should check capabilities

Antoine Pitrou added the comment: This issue can now be closed for good. -- status: open -> closed ___ Python tracker ___ ___ Python-

[issue10287] NNTP authentication should check capabilities

Roundup Robot added the comment: New changeset a7f1ffd741d6 by Antoine Pitrou in branch '3.2': Issue #10287: nntplib now queries the server's CAPABILITIES first before sending MODE READER, and only sends it if not already in READER mode. http://hg.python.org/cpython/rev/a7f1ffd741d6 New change

[issue10287] NNTP authentication should check capabilities

Antoine Pitrou added the comment: I think the patch is fine. Will apply soon (thanks!) . -- status: closed -> open ___ Python tracker ___ ___

[issue10287] NNTP authentication should check capabilities

Hynek Schlawack added the comment: So my take on the whole issue and Antoine "tends to agree". ;) 1. If the user tells us (s)he _wants_ us to authenticate or send MODE READER, we do it even if capabilities don't advertise it. There's a lot of rfc-non-conformant servers out there. Permanent er

[issue10287] NNTP authentication should check capabilities

Changes by Hynek Schlawack : Added file: http://bugs.python.org/file24502/b33bcf179df4.diff ___ Python tracker ___ ___ Python-bugs-list mailin

[issue10287] NNTP authentication should check capabilities

Hynek Schlawack added the comment: There's one more issue Julien has raised: nntplib attempts to authenticate when "AUTHINFO" is sent w/o USER. (haven't tested it but I presume it's still valid) It's trivial to catch that but I'd say that it's fine to let the server handle it if the user has

[issue10287] NNTP authentication should check capabilities

Antoine Pitrou added the comment: Perhaps I closed too quickly... Julien's original message had two other requests: “If "READER" is advertised, no need to send a "MODE READER" command at all... If "MODE-READER" is advertised, then "MODE READER" (if wanted) can be sent. Then, self.capabilities

[issue10287] NNTP authentication should check capabilities

Antoine Pitrou added the comment: Thank you :) Committed now. -- resolution: -> fixed stage: -> committed/rejected status: open -> closed ___ Python tracker ___ __

[issue10287] NNTP authentication should check capabilities

Roundup Robot added the comment: New changeset d789f453387d by Antoine Pitrou in branch '3.2': Issue #10287: nntplib now queries the server's CAPABILITIES again after authenticating (since the result may change, according to RFC 4643). http://hg.python.org/cpython/rev/d789f453387d New changese

[issue10287] NNTP authentication should check capabilities

Hynek Schlawack added the comment: Thanks! I think I've addressed everything in the latest patch. -- ___ Python tracker ___ ___ Pytho

[issue10287] NNTP authentication should check capabilities

Changes by Hynek Schlawack : Added file: http://bugs.python.org/file24500/e986dd8bb47d.diff ___ Python tracker ___ ___ Python-bugs-list mailin

[issue10287] NNTP authentication should check capabilities

Antoine Pitrou added the comment: I've made a couple of small comments (see "review" link next to the patch). -- ___ Python tracker ___ _

[issue10287] NNTP authentication should check capabilities

Changes by Hynek Schlawack : Added file: http://bugs.python.org/file24499/0cf0b06e1d31.diff ___ Python tracker ___ ___ Python-bugs-list mailin

[issue10287] NNTP authentication should check capabilities

Hynek Schlawack added the comment: I've added general tests of AUTH USER/PASS as there weren't any present yet. As I haven't alas heard back from Easynews, I can only presume they allow CAPABILITIES after a login – I've added a test case that models this behavior. Otherwise I did as it was as

[issue10287] NNTP authentication should check capabilities

Hynek Schlawack added the comment: Sure, I wanted to add tests as soon as I know that the flow is correct (which it isn't :)). So essentially we want always CAPABILITIES LOGIN CAPABILITIES ? That's rather simple to achieve. The tests are going to be the harder part. ;) Re the patch: I trie

[issue10287] NNTP authentication should check capabilities

Antoine Pitrou added the comment: (oh, and better if it can come with a test) -- type: -> behavior versions: +Python 3.3 ___ Python tracker ___

[issue10287] NNTP authentication should check capabilities

Antoine Pitrou added the comment: Hynek, the patch doesn't apply properly here. Are you soon it's been generated against an up-to-date working copy? Also, I think the logic is wrong: the capabilities should *always* be queried after auth, even if they are already known. That's because they ca

[issue10287] NNTP authentication should check capabilities

Hynek Schlawack added the comment: I think I've fixed it to do as described. Alas, I have no Easynews account to test it (I mailed their support about that so maybe that'll change). Would someone with an account mind to test, if it works? Nathan? -- Added file: http://bugs.python.org/

[issue10287] NNTP authentication should check capabilities

Changes by Hynek Schlawack : -- nosy: +hynek ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python

[issue10287] NNTP authentication should check capabilities

Nathan Clayton added the comment: When using Easynews, it sends a 480 error (e.g. "nntplib.NNTPTemporaryError: 480 You must log in.") -- ___ Python tracker ___

[issue10287] NNTP authentication should check capabilities

Antoine Pitrou added the comment: > By always sending capabilities at connection, some servers immediately > throw an error. I've modified the class initialization to include an > optional parameter to indicate if this should be disabled. Which kind of error? As Julien says, we could simply cat

[issue10287] NNTP authentication should check capabilities

Julien ÉLIE added the comment: A drawback is that CAPABILITIES will still being unsent after an upgrade of the news server to a more up-to-date version supporting the command. If CAPABILITIES is not understood by the news server, it is not an issue. A 500 response code is usually answered by

[issue10287] NNTP authentication should check capabilities

Nathan Clayton added the comment: By always sending capabilities at connection, some servers immediately throw an error. I've modified the class initialization to include an optional parameter to indicate if this should be disabled. -- keywords: +patch nosy: +Nathan.Clayton Added file

[issue10287] NNTP authentication should check capabilities

Changes by Antoine Pitrou : -- nosy: +pitrou ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python

[issue10287] NNTP authentication should check capabilities

New submission from Julien ÉLIE : RFC 4643: The server MAY list the AUTHINFO capability with no arguments, which indicates that it complies with this specification and does not permit any authentication commands in its current state. In this case, the client MUST NOT attempt to util