changeset e1a40dc38b1c in trytond:6.2
details: https://hg.tryton.org/trytond?cmd=changeset&node=e1a40dc38b1c
description:
Enforce certificate validation for SMTP connection
issue11564
review417381003
(grafted from 314535925101f45598850d9a8e31145abef9be05)
diffstat:
CHANGELOG | 2 ++
trytond/sendmail.py | 4 +++-
2 files changed, 5 insertions(+), 1 deletions(-)
diffs (37 lines):
diff -r 3ca7c00aaf76 -r e1a40dc38b1c CHANGELOG
--- a/CHANGELOG Fri Jun 03 19:03:00 2022 +0200
+++ b/CHANGELOG Tue Jun 21 10:16:35 2022 +0200
@@ -1,3 +1,5 @@
+* Enforce certificate validation for SMTP connection (issue11564)
+
Version 6.2.9 - 2022-06-03
* Bug fixes (see mercurial logs for details)
diff -r 3ca7c00aaf76 -r e1a40dc38b1c trytond/sendmail.py
--- a/trytond/sendmail.py Fri Jun 03 19:03:00 2022 +0200
+++ b/trytond/sendmail.py Tue Jun 21 10:16:35 2022 +0200
@@ -2,6 +2,7 @@
# this repository contains the full copyright notices and license terms.
import logging
import smtplib
+import ssl
from email.message import Message
from email.utils import formatdate
from email.mime.text import MIMEText
@@ -70,6 +71,7 @@
extra[key] = cast.get(key, lambda a: a)(value[0])
if uri.scheme.startswith('smtps'):
connector = smtplib.SMTP_SSL
+ extra['context'] = ssl.create_default_context()
else:
connector = smtplib.SMTP
try:
@@ -81,7 +83,7 @@
return
if 'tls' in uri.scheme:
- server.starttls()
+ server.starttls(context=ssl.create_default_context())
if uri.username and uri.password:
server.login(
