changeset 602589cc73f5 in trytond:6.4
details: https://hg.tryton.org/trytond?cmd=changeset&node=602589cc73f5
description:
Enforce certificate validation for SMTP connection
issue11564
review417381003
(grafted from 314535925101f45598850d9a8e31145abef9be05)
diffstat:
CHANGELOG | 2 ++
trytond/sendmail.py | 4 +++-
2 files changed, 5 insertions(+), 1 deletions(-)
diffs (37 lines):
diff -r 6db5e97b3b8f -r 602589cc73f5 CHANGELOG
--- a/CHANGELOG Wed Jun 15 09:19:10 2022 +0200
+++ b/CHANGELOG Tue Jun 21 10:16:35 2022 +0200
@@ -1,3 +1,5 @@
+* Enforce certificate validation for SMTP connection (issue11564)
+
Version 6.4.2 - 2022-06-15
* Bug fixes (see mercurial logs for details)
diff -r 6db5e97b3b8f -r 602589cc73f5 trytond/sendmail.py
--- a/trytond/sendmail.py Wed Jun 15 09:19:10 2022 +0200
+++ b/trytond/sendmail.py Tue Jun 21 10:16:35 2022 +0200
@@ -2,6 +2,7 @@
# this repository contains the full copyright notices and license terms.
import logging
import smtplib
+import ssl
import time
from email.message import Message
from email.mime.text import MIMEText
@@ -89,6 +90,7 @@
extra[key] = cast.get(key, lambda a: a)(value[0])
if uri.scheme.startswith('smtps'):
connector = smtplib.SMTP_SSL
+ extra['context'] = ssl.create_default_context()
else:
connector = smtplib.SMTP
try:
@@ -100,7 +102,7 @@
return
if 'tls' in uri.scheme:
- server.starttls()
+ server.starttls(context=ssl.create_default_context())
if uri.username and uri.password:
server.login(
