Merge pull request #1638 from privacyidea/1637/smtp-cram-md5

Fix sending mails in combination with CRAM-MD5 authentication
privacyidea · May 21, 2019 · d31613c · d31613c
2 parents 9b0054c + c298946
commit d31613c
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/privacyidea/lib/smtpserver.py b/privacyidea/lib/smtpserver.py
@@ -17,11 +17,14 @@
 # License along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
 #
+import six
+
+from privacyidea.lib.framework import get_app_config_value
 from privacyidea.lib.queue import job, wrap_job, has_job_queue
 from privacyidea.models import SMTPServer as SMTPServerDB
 from privacyidea.lib.crypto import (decryptPassword, encryptPassword,
                                     FAILED_TO_DECRYPT_PASSWORD)
-from privacyidea.lib.utils import fetch_one_resource
+from privacyidea.lib.utils import fetch_one_resource, to_bytes
 import logging
 from privacyidea.lib.log import log_with
 from time import gmtime, strftime
@@ -113,6 +116,11 @@ def test_email(config, recipient, subject, body, sender=None,
             password = decryptPassword(config['password'])
             if password == FAILED_TO_DECRYPT_PASSWORD:
                 password = config['password']
+            # Under Python 2, we pass passwords as bytestrings to get CRAM-MD5 to work.
+            # We add a safeguard config option to disable the conversion.
+            # Under Python 3, we pass passwords as unicode.
+            if six.PY2 and get_app_config_value("PI_SMTP_PASSWORD_AS_BYTES", True):
+                password = to_bytes(password)
             mail.login(config['username'], password)
         r = mail.sendmail(mail_from, recipient, msg.as_string())
         log.info("Mail sent: {0!s}".format(r))