Added by Ron Meske about 9 years ago
Hello,
We are receiving an authentication failure on emails being sent out.
I ran openproject config and found that SMTP_URL= shows the entire password except for one character which has been encoded. Can this be the cause of the authentication error, and if so how can we correct that? Are there limitations on what characters are allowed by OpenProject?
Best,
Ron
Replies (7)
Hey Ron,
we’ve seen this issue with the DATABASE_URL, so I assume you might be onto something there. The password input from the wizard was not properly escaped in this case which leads to an invalid URL.
As a workaround, you can try escaping your password parameter, e.g., through our app:
openproject run bundle exec rails runner "puts CGI.escape '<password>'"and re-set the SMTP_URL to that value
openproject config:set SMTP_URL=“smtp://:@…”You’ll only need to restart your application afterwards with
service openproject restart.Best,
Oliver
Hi Oliver,
I tried escaping the password through your app and I it does not return anything. It runs for a few seconds and then returns to the command prompt.
This is what my SMTP_URL looks like:
smtp://username%40mydomain.com:bR%24Np3kf@smtp.office365.com:587/mydomain.comI have changed the username and password in the line above but kept the encoding as is. As you can see it encodes the “@” symbol and it encodes a the special character used in the password.
Also the SMTP_PASSWORD looks like:
SMTP_PASSWORD=bRNotice that only the first two letters are showing.
Any suggestions?
Hi Ron,
the command was missing a simple ‘puts’, I’ve edited it, sorry about that.
It seems that only
SMTP_PASSWORDis not properly escaped, so you can try out re-configure that without escaping using my (now-fixed) config:set command.I’ll forward this internally to get this fixed.
Best,
Oliver
Hi Oliver,
The command now works, but it returns the same 2 letters. It appears to be truncating at the special character.
I used the encoded password from the
SMTP_URLto setSMTP_PASSWORDAfter restarting and trying to send a test email I am still getting the error:
An error occurred while sending mail (535 5.7.3 Authentication unsuccessful)Any other suggestions?
Regards,
Ron
Okay, I’ve dug a little deeper and I don’t think
SMTP_URLis actually used in the configuration (https://github.com/oliverguenther/openproject/blob/release/5.0/packaging/conf/configuration.yml).Please try once more with the following commands without escaping your password (unless it has shell quotes in it):
openproject config:set SMTP_PASSWORD=‘br@foobar!’To test whether the parameter has succeeded.
openproject run bundle exec rails runner ‘puts OpenProject::Configuration.smtp_password’Should print the correct, unescaped password
It’s still an issue with the escaping of input in the wizard, but not in the SMTP_URL, thus requires no URL-escaping.
Hope that helps.
Best,
Oliver
Hello Oliver,
I did not have luck with our actual password so I tried a variety of special characters and found that the $ character causes the issue. Only the characters prior to the $ are retained.
I did not try all special characters so the developers should set up some test cases and identify all acceptable so that a warning can be given or at least some documentation of what is accepted.
Regards,
Ron
Hi Oliver,
I have tried a large combination and besides avoiding quote type characters, the only character that causes the error is the $ character.
Regards,
Ron