[New-bugs-announce] [issue25852] smtplib's SMTP.connect() should store the server name in ._host for .starttls()

W. Trevor King report at bugs.python.org
Sat Dec 12 17:59:22 EST 2015 

New submission from W. Trevor King:

With the current tip, starttls uses ._host when calling wrap_socket [1], but ._host is only setup in SMTP.__init__ [2].  Before #22921 [3] starttls would ignore ._host when SNI wasn't available locally.  But as far as I can tell, starttls has never used _host when connection happens via an explicit connect() call.  This leads to errors like [4]:

  >>> smtp = smtplib.SMTP()
  >>> smtp.connect(host="smtp.gmail.com", port=587)
  >>> smtp.ehlo()
  >>> smtp.starttls()
  File "smtp_test.py", line 10, in <module>
    smtp.starttls()
  File "/usr/lib/python3.4/smtplib.py", line 676, in starttls
    server_hostname=server_hostname)
  File "/usr/lib/python3.4/ssl.py", line 344, in wrap_socket
    _context=self)
  File "/usr/lib/python3.4/ssl.py", line 540, in __init__
    self.do_handshake()
  File "/usr/lib/python3.4/ssl.py", line 767, in do_handshake
    self._sslobj.do_handshake()
  ssl.SSLError: [SSL: TLSV1_ALERT_DECODE_ERROR] tlsv1 alert decode error (_ssl.c:598)

I think a better approach would be to move the ._host set into .connect (patch attached).  It would still happen in SMTP(host=…) because [5], but would also allow starttls when users use SMTP() and then call connect(host=…) explicitly.

I've formatted the patch with Git, but its simple enough that it should be easy to apply in Mercurial.  Still, let me know if I can make applying it easier by rerolling the patch.

[1]: https://hg.python.org/cpython/file/323c10701e5d/Lib/smtplib.py#l766
[2]: https://hg.python.org/cpython/file/323c10701e5d/Lib/smtplib.py#l244
[3]: http://bugs.python.org/issue22921
[4]: http://stackoverflow.com/questions/23616803/smtplib-smtp-starttls-fails-with-tlsv1-alert-decode-error
[5]: https://hg.python.org/cpython/file/323c10701e5d/Lib/smtplib.py#l251

----------
components: Library (Lib)
files: 0001-smtplib-Set-SMTP._host-in-.connect.patch
keywords: patch
messages: 256299
nosy: labrat
priority: normal
severity: normal
status: open
title: smtplib's SMTP.connect() should store the server name in ._host for .starttls()
type: behavior
versions: Python 3.3, Python 3.4, Python 3.5
Added file: http://bugs.python.org/file41291/0001-smtplib-Set-SMTP._host-in-.connect.patch

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue25852>
_______________________________________

More information about the New-bugs-announce mailing list