Mailing List Archives

Authenticated access

 		[Computer Systems Lab]

[← Prev[Date]  [Next →] [← Prev[Thread]  [Next →]

Re: [HTCondor-devel] Updating condor_mail to support authenticated relays

Date: Mon, 15 Feb 2021 12:41:07 +0000
From: Zach Miller <zmiller@xxxxxxxxxxx>
Subject: Re: [HTCondor-devel] Updating condor_mail to support authenticated relays

Hi Miguel,

 

Thanks for sending in the PR.  We will have someone on our staff review it and get back to you.  Just FYI, it may take a couple weeks as we have a pretty full plate, but we appreciate your contribution.

 

 

Cheers,

-zach

 

 

-----Original Message-----
From: HTCondor-devel <htcondor-devel-bounces@xxxxxxxxxxx> on behalf of Miguel Garrido via HTCondor-devel <htcondor-devel@xxxxxxxxxxx>
Date: Monday, February 15, 2021 at 1:03 AM
To: htcondor-devel@xxxxxxxxxxx <htcondor-devel@xxxxxxxxxxx>
Subject: Re: [HTCondor-devel] Updating condor_mail to support authenticated relays

I had some time and I am going to need this anyway so I submitted the PR - https://github.com/htcondor/htcondor/pull/154

 

 

Thank you

 

On Sun, Feb 14, 2021 at 00:28 Miguel Garrido <miguel@xxxxxxxxx> wrote:

 

 

Hello all,

 

I have recently implemented HTCondor in a Windows environment and everything is working well, except condor_mail which has no support for authenticated relays. I’ve looked at the source code for condor_mail and I am willing to submit a PR that adds the necessary support, but per the README in the htcondor GitHub repository I am asking for input from this list before investing the time.

 

My design calls for maintaining backwards compatibility by adding a new parameter: -savecred meant to be used with the -relay parameter in addition to the [also new] -u and -p parameters.

 

Example usage:

 

condor_mail.exe -relay securerelay.example.com <http://securerelay.example.com/> -u john@xxxxxxxxxxx -p Sup3rsecr3t! -savecred

 

The new functionality triggered by -savecred in the example above would create or update a sub key of the condor registry key called SmtpRelays and create a new registry item of type REG_SZ named “securerelay.example.com <http://securerelay.example.com/>” with a value of “john@xxxxxxxxxxx:<encryptedpassword>”

 

[HKEY_LOCAL_MACHINE\SOFTWARE\condor\SmtpRelays]

 

The encryption would happen with DPAPI, so it would be user and machine specific.

 

After a credential is saved, the next time condor_mail is called with the -relay parameter, the registry will be checked for the existence of an item matching that relay in the SmtpRelays sub key and if found, the SmtpClient would be constructed with the saved credentials and TLS would be forced on the connection.

 

The idea again would be to allow condor_mail to support authenticated relays while keeping the existing functionality intact and minimizing changes.

 

Thoughts?

 

Thank you

 

--

MG

 

 

 

 

--

MG

[← Prev in Thread] Current Thread [Next in Thread→]
Previous by Date:  Re: [HTCondor-devel] Updating condor_mail to support authenticated relays, Miguel Garrido
Next by Date:  Re: [HTCondor-devel] [htcondor-fw] Platform changes in master, Greg Thain
Previous by Thread:  Re: [HTCondor-devel] Updating condor_mail to support authenticated relays, Miguel Garrido
Next by Thread:  , (nil)
Indexes:  [Date] [Thread]