changeset b4740b533061 in trytond:5.0
details: https://hg.tryton.org/trytond?cmd=changeset&node=b4740b533061
description:
Enforce certificate validation for SMTP connection
issue11564
review417381003
(grafted from 314535925101f45598850d9a8e31145abef9be05)
diffstat:
CHANGELOG | 2 ++
trytond/sendmail.py | 4 +++-
2 files changed, 5 insertions(+), 1 deletions(-)
diffs (35 lines):
diff -r 696668dd8a37 -r b4740b533061 CHANGELOG
--- a/CHANGELOG Fri Jun 03 19:04:20 2022 +0200
+++ b/CHANGELOG Tue Jun 21 10:16:35 2022 +0200
@@ -1,3 +1,5 @@
+* Enforce certificate validation for SMTP connection (issue11564)
+
Version 5.0.48 - 2022-06-03
* Bug fixes (see mercurial logs for details)
diff -r 696668dd8a37 -r b4740b533061 trytond/sendmail.py
--- a/trytond/sendmail.py Fri Jun 03 19:04:20 2022 +0200
+++ b/trytond/sendmail.py Tue Jun 21 10:16:35 2022 +0200
@@ -2,6 +2,7 @@
# this repository contains the full copyright notices and license terms.
import logging
import smtplib
+import ssl
from email.message import Message
from email.utils import formatdate
from urllib.parse import parse_qs, unquote_plus
@@ -53,12 +54,13 @@
for key, value in parse_qs(uri.query, strict_parsing=True).items():
extra[key] = cast.get(key, lambda a: a)(value[0])
if uri.scheme.startswith('smtps'):
+ extra['context'] = ssl.create_default_context()
server = smtplib.SMTP_SSL(uri.hostname, uri.port, **extra)
else:
server = smtplib.SMTP(uri.hostname, uri.port, **extra)
if 'tls' in uri.scheme:
- server.starttls()
+ server.starttls(context=ssl.create_default_context())
if uri.username and uri.password:
server.login(
