refactor: replace unverified SSL context with TLSv1.2 client context for improved SMTP connection stability
This commit is contained in:
parent
5ca40f5464
commit
9c1d2788a3
29
gui_app.py
29
gui_app.py
@ -758,15 +758,30 @@ def send_email_notification(smtp, run_data, raise_on_error=False):
|
|||||||
encryption = smtp.get('encryption', 'starttls')
|
encryption = smtp.get('encryption', 'starttls')
|
||||||
try:
|
try:
|
||||||
import ssl
|
import ssl
|
||||||
# Create unverified context to bypass certificate issues or protocol restriction errors
|
|
||||||
context = ssl._create_unverified_context()
|
|
||||||
|
|
||||||
if encryption == 'ssl' or port == 465:
|
# Build a permissive SSL context that accepts TLS 1.2+ and skips cert verification.
|
||||||
server = smtplib.SMTP_SSL(host, port, context=context, timeout=10)
|
# This covers old/self-signed mail servers while still using encrypted transport.
|
||||||
else:
|
# NOTE: TLSv1 and TLSv1_1 are disabled by default in modern OpenSSL builds, so
|
||||||
server = smtplib.SMTP(host, port, timeout=10)
|
# setting minimum_version to TLSv1_2 is the correct approach to avoid
|
||||||
if encryption == 'starttls':
|
# [SSL: UNSUPPORTED_PROTOCOL] errors while remaining compatible with all
|
||||||
|
# major SMTP providers (Gmail, Office365, Postfix, Exim, etc.)
|
||||||
|
context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
|
||||||
|
context.check_hostname = False
|
||||||
|
context.verify_mode = ssl.CERT_NONE
|
||||||
|
context.minimum_version = ssl.TLSVersion.TLSv1_2
|
||||||
|
|
||||||
|
if encryption == 'ssl':
|
||||||
|
# Direct SSL/TLS handshake (port 465)
|
||||||
|
server = smtplib.SMTP_SSL(host, port, context=context, timeout=15)
|
||||||
|
elif encryption == 'starttls':
|
||||||
|
# Plain connection upgraded to TLS via STARTTLS (port 587)
|
||||||
|
server = smtplib.SMTP(host, port, timeout=15)
|
||||||
|
server.ehlo()
|
||||||
server.starttls(context=context)
|
server.starttls(context=context)
|
||||||
|
server.ehlo()
|
||||||
|
else:
|
||||||
|
# No encryption – plain SMTP relay (port 25 / internal)
|
||||||
|
server = smtplib.SMTP(host, port, timeout=15)
|
||||||
|
|
||||||
if user and password:
|
if user and password:
|
||||||
server.login(user, password)
|
server.login(user, password)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user