• 
      

    Fix Perforce authentication and errors on 2026.1.

    Review Request #15133 — Created June 23, 2026 and submitted

    Information

    Review Board
    release-8.x

    Reviewers

    Perforce 2026.1 was a big security-by-default release, which focused on
    an increased default security level for authentication, no password-less
    access, no set-password-on-first-connect behavior, and other changes.

    This requires some changes on our end. Specifically, we now need to
    ensure we do an explicit login when we connect (and after we've verified
    we've successfully connected), as the p4.password we set will no
    longer apply otherwise.

    The list of authentication error strings was updated to handle "Password
    invalid", which may have already existed but was not being handled by
    our code.

    Authentication is now only performed once a connection is established.
    This avoids an attempt at a login when we've hit an outage or cert error
    (which would trigger a "not connected" P4 error).

    The unit test database has been updated for p4d 2026.1, and as part of
    this, each user had to be given a password. These are guest12345,
    samwise12345, and david12345 (for those respective users). The unit
    tests have been updated to set these credentials for the connection
    where appropriate.

    Unit tests pass with p4d 2026.1, p4 2026.1, and p4python 2026.1.

    Tested the code changes with the previous 2021.2 database and matching
    versions of p4d, p4, and p4python. Unit tests passed.

    Manually tested review requests and diffs with a local P4 server, using
    both the 2021.2 and 2026.1 versions, without ticket auth (using the new
    password login flow). These failed on 2026.1 before, but worked with the
    new changes.

    Summary ID
    Fix Perforce authentication and errors on 2026.1.
    Perforce 2026.1 was a big security-by-default release, which focused on an increased default security level for authentication, no password-less access, no set-password-on-first-connect behavior, and other changes. This requires some changes on our end. Specifically, we now need to ensure we do an explicit login when we connect (and after we've verified we've successfully connected), as the `p4.password` we set will no longer apply otherwise. The list of authentication error strings was updated to handle "Password invalid", which may have already existed but was not being handled by our code. Authentication is now only performed once a connection is established. This avoids an attempt at a login when we've hit an outage or cert error (which would trigger a "not connected" P4 error). The unit test database has been updated for p4d 2026.1, and as part of this, each user had to be given a password. These are `guest12345`, `samwise12345`, and `david12345` (for those respective users). The unit tests have been updated to set these credentials for the connection where appropriate.
    d2abc3be200eb6d14d1f378c0ea208dc9eaed369
    Description From Last Updated

    Can we add tests for the _AUTH_ERROR_RE strings resulting in AuthenticationError?

    david david

    Can we put this on release-7.x? We'll want to be able to run tests there.

    david david

    Can we call self.login() here so we get the logging that it does?

    david david

    I know some versions of p4python have added prefixes to errors. Can we use .search(error) instead of .match()?

    david david
    david
    1. 
        
    2. Show all issues

      Can we add tests for the _AUTH_ERROR_RE strings resulting in AuthenticationError?

      1. I'll try to work something up.

      2. I can do a couple, but there are some auth errors that require very specialized setups. I can do it but it'll add a day or two to this, and that's a bad use of my time, so I'm punting on those.

    3. Show all issues

      Can we put this on release-7.x? We'll want to be able to run tests there.

      1. Yeah, I'll backport after.

    4. reviewboard/scmtools/perforce.py (Diff revision 1)
       
       
      Show all issues

      Can we call self.login() here so we get the logging that it does?

      1. It'll info-log on every single P4 operation, which is very spammy and not necessary. It's really there for ticket refreshes so it's only done periodically. Should probably rename it or fold it into check_refresh_ticket() (but I don't want to grow the scope of this change).

    5. reviewboard/scmtools/perforce.py (Diff revision 1)
       
       
      Show all issues

      I know some versions of p4python have added prefixes to errors. Can we use .search(error) instead of .match()?

    6. 
        
    chipx86
    david
    1. Ship It!
    2. 
        
    chipx86
    Review request changed
    Status:
    Completed
    Change Summary:
    Pushed to release-8.x (3976499)