mailer.py.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

--- a/roundup/mailer.py
+++ b/roundup/mailer.py
@@ -6,6 +6,7 @@
 import os
 import smtplib
 import socket
+import ssl
 import sys
 import time
 import traceback
@@ -312,8 +313,18 @@ def __init__(self, config):
         # start the TLS if requested
         if config["MAIL_TLS"]:
             self.ehlo()
-            self.starttls(config["MAIL_TLS_KEYFILE"],
-                          config["MAIL_TLS_CERTFILE"])
+            if sys.version_info[0:2] >= (3, 6):
+                sslctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+                if config["MAIL_TLS_CERTFILE"]:
+                    sslctx.load_cert_chain(config["MAIL_TLS_CERTFILE"],
+                                           keyfile=config["MAIL_TLS_KEYFILE"])
+                    sslctx.check_hostname = True
+                else:
+                    sslctx.load_default_certs()
+                self.starttls(context=sslctx)
+            else:
+                self.starttls(config["MAIL_TLS_KEYFILE"],
+                              config["MAIL_TLS_CERTFILE"])
 
         # ok, now do we also need to log in?
         mailuser = config["MAIL_USERNAME"]