(original) (raw)

changeset: 70185:6737de76487b parent: 70180:c52807b17e03 user: Antoine Pitrou solipsis@pitrou.net date: Wed May 18 18:03:09 2011 +0200 files: Doc/library/smtplib.rst Lib/smtplib.py Lib/test/test_smtpnet.py Misc/NEWS description: Issue #8809: The SMTP_SSL constructor and SMTP.starttls() now support passing a `context` argument pointing to an ssl.SSLContext instance. Patch by Kasun Herath. diff -r c52807b17e03 -r 6737de76487b Doc/library/smtplib.rst --- a/Doc/library/smtplib.rst Wed May 18 00:20:18 2011 +0200 +++ b/Doc/library/smtplib.rst Wed May 18 18:03:09 2011 +0200 @@ -49,7 +49,7 @@ Support for the :keyword:`with` statement was added. -.. class:: SMTP_SSL(host='', port=0, local_hostname=None, keyfile=None, certfile=None[, timeout]) +.. class:: SMTP_SSL(host='', port=0, local_hostname=None, keyfile=None, certfile=None[, timeout], context=None) A :class:`SMTP_SSL` instance behaves exactly the same as instances of :class:`SMTP`. :class:`SMTP_SSL` should be used for situations where SSL is @@ -57,11 +57,16 @@ not appropriate. If *host* is not specified, the local host is used. If *port* is zero, the standard SMTP-over-SSL port (465) is used. *keyfile* and *certfile* are also optional, and can contain a PEM formatted private key - and certificate chain file for the SSL connection. The optional *timeout* + and certificate chain file for the SSL connection. *context* also optional, can contain + a SSLContext, and is an alternative to keyfile and certfile; If it is specified both + keyfile and certfile must be None. The optional *timeout* parameter specifies a timeout in seconds for blocking operations like the connection attempt (if not specified, the global default timeout setting will be used). + .. versionchanged:: 3.3 + *context* was added. + .. class:: LMTP(host='', port=LMTP_PORT, local_hostname=None) @@ -256,7 +261,7 @@ No suitable authentication method was found. -.. method:: SMTP.starttls(keyfile=None, certfile=None) +.. method:: SMTP.starttls(keyfile=None, certfile=None, context=None) Put the SMTP connection in TLS (Transport Layer Security) mode. All SMTP commands that follow will be encrypted. You should then call :meth:`ehlo` @@ -265,6 +270,9 @@ If *keyfile* and *certfile* are provided, these are passed to the :mod:`socket` module's :func:`ssl` function. + Optional *context* parameter is a :class:`ssl.SSLContext` object; This is an alternative to + using a keyfile and a certfile and if specified both *keyfile* and *certfile* should be None. + If there has been no previous ``EHLO`` or ``HELO`` command this session, this method tries ESMTP ``EHLO`` first. @@ -277,6 +285,9 @@ :exc:`RuntimeError` SSL/TLS support is not available to your Python interpreter. + .. versionchanged:: 3.3 + *context* was added. + .. method:: SMTP.sendmail(from_addr, to_addrs, msg, mail_options=[], rcpt_options=[]) diff -r c52807b17e03 -r 6737de76487b Lib/smtplib.py --- a/Lib/smtplib.py Wed May 18 00:20:18 2011 +0200 +++ b/Lib/smtplib.py Wed May 18 18:03:09 2011 +0200 @@ -635,7 +635,7 @@ # We could not login sucessfully. Return result of last attempt. raise SMTPAuthenticationError(code, resp) - def starttls(self, keyfile=None, certfile=None): + def starttls(self, keyfile=None, certfile=None, context=None): """Puts the connection to the SMTP server into TLS mode. If there has been no previous EHLO or HELO command this session, this @@ -659,7 +659,16 @@ if resp == 220: if not _have_ssl: raise RuntimeError("No SSL support included in this Python") - self.sock = ssl.wrap_socket(self.sock, keyfile, certfile) + if context is not None and keyfile is not None: + raise ValueError("context and keyfile arguments are mutually " + "exclusive") + if context is not None and certfile is not None: + raise ValueError("context and certfile arguments are mutually " + "exclusive") + if context is not None: + self.sock = context.wrap_socket(self.sock) + else: + self.sock = ssl.wrap_socket(self.sock, keyfile, certfile) self.file = SSLFakeFile(self.sock) # RFC 3207: # The client MUST discard any knowledge obtained from @@ -815,23 +824,35 @@ support). If host is not specified, '' (the local host) is used. If port is omitted, the standard SMTP-over-SSL port (465) is used. keyfile and certfile are also optional - they can contain a PEM formatted private key and - certificate chain file for the SSL connection. + certificate chain file for the SSL connection. context also optional, can contain + a SSLContext, and is an alternative to keyfile and certfile; If it is specified both + keyfile and certfile must be None. """ default_port = SMTP_SSL_PORT def __init__(self, host='', port=0, local_hostname=None, keyfile=None, certfile=None, - timeout=socket._GLOBAL_DEFAULT_TIMEOUT): + timeout=socket._GLOBAL_DEFAULT_TIMEOUT, context=None): + if context is not None and keyfile is not None: + raise ValueError("context and keyfile arguments are mutually " + "exclusive") + if context is not None and certfile is not None: + raise ValueError("context and certfile arguments are mutually " + "exclusive") self.keyfile = keyfile self.certfile = certfile + self.context = context SMTP.__init__(self, host, port, local_hostname, timeout) def _get_socket(self, host, port, timeout): if self.debuglevel > 0: print('connect:', (host, port), file=stderr) new_socket = socket.create_connection((host, port), timeout) - new_socket = ssl.wrap_socket(new_socket, self.keyfile, self.certfile) + if self.context is not None: + new_socket = self.context.wrap_socket(new_socket) + else: + new_socket = ssl.wrap_socket(new_socket, self.keyfile, self.certfile) self.file = SSLFakeFile(new_socket) return new_socket diff -r c52807b17e03 -r 6737de76487b Lib/test/test_smtpnet.py --- a/Lib/test/test_smtpnet.py Wed May 18 00:20:18 2011 +0200 +++ b/Lib/test/test_smtpnet.py Wed May 18 18:03:09 2011 +0200 @@ -3,12 +3,29 @@ import unittest from test import support import smtplib +import ssl support.requires("network") + +class SmtpTest(unittest.TestCase): + testServer = 'smtp.gmail.com' + remotePort = 25 + context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) + + def test_connect_starttls(self): + support.get_attribute(smtplib, 'SMTP_SSL') + with support.transient_internet(self.testServer): + server = smtplib.SMTP(self.testServer, self.remotePort) + server.starttls(context=self.context) + server.ehlo() + server.quit() + + class SmtpSSLTest(unittest.TestCase): testServer = 'smtp.gmail.com' remotePort = 465 + context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) def test_connect(self): support.get_attribute(smtplib, 'SMTP_SSL') @@ -24,8 +41,16 @@ server.ehlo() server.quit() + def test_connect_using_sslcontext(self): + support.get_attribute(smtplib, 'SMTP_SSL') + with support.transient_internet(self.testServer): + server = smtplib.SMTP_SSL(self.testServer, self.remotePort, context=self.context) + server.ehlo() + server.quit() + + def test_main(): - support.run_unittest(SmtpSSLTest) + support.run_unittest(SmtpTest, SmtpSSLTest) if __name__ == "__main__": test_main() diff -r c52807b17e03 -r 6737de76487b Misc/NEWS --- a/Misc/NEWS Wed May 18 00:20:18 2011 +0200 +++ b/Misc/NEWS Wed May 18 18:03:09 2011 +0200 @@ -153,6 +153,10 @@ Library ------- +- Issue #8809: The SMTP_SSL constructor and SMTP.starttls() now support + passing a ``context`` argument pointing to an ssl.SSLContext instance. + Patch by Kasun Herath. + - Issue #11088: don't crash when using F5 to run a script in IDLE on MacOSX with Tk 8.5. /solipsis@pitrou.net