Ensure no ALPN is negotiated for SMTP (#142296)

Mathijs van de Nes 2025-04-13 00:02:07 +02:00 committed by GitHub
parent 67c0af4c57
commit d6b4f1c95d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 9 additions and 4 deletions


@ -38,7 +38,7 @@ from homeassistant.helpers import config_validation as cv
from homeassistant.helpers.reload import setup_reload_service from homeassistant.helpers.reload import setup_reload_service
from homeassistant.helpers.typing import ConfigType, DiscoveryInfoType from homeassistant.helpers.typing import ConfigType, DiscoveryInfoType
from homeassistant.util import dt as dt_util from homeassistant.util import dt as dt_util
from homeassistant.util.ssl import client_context from homeassistant.util.ssl import create_client_context
from .const import ( from .const import (
ATTR_HTML, ATTR_HTML,
@ -86,6 +86,7 @@ def get_service(
) -> MailNotificationService | None: ) -> MailNotificationService | None:
"""Get the mail notification service.""" """Get the mail notification service."""
setup_reload_service(hass, DOMAIN, PLATFORMS) setup_reload_service(hass, DOMAIN, PLATFORMS)
ssl_context = create_client_context() if config[CONF_VERIFY_SSL] else None
mail_service = MailNotificationService( mail_service = MailNotificationService(
config[CONF_SERVER], config[CONF_SERVER],
config[CONF_PORT], config[CONF_PORT],
@ -98,6 +99,7 @@ def get_service(
config.get(CONF_SENDER_NAME), config.get(CONF_SENDER_NAME),
config[CONF_DEBUG], config[CONF_DEBUG],
config[CONF_VERIFY_SSL], config[CONF_VERIFY_SSL],
ssl_context,
) )
if mail_service.connection_is_valid(): if mail_service.connection_is_valid():
@ -122,6 +124,7 @@ class MailNotificationService(BaseNotificationService):
sender_name, sender_name,
debug, debug,
verify_ssl, verify_ssl,
ssl_context,
): ):
"""Initialize the SMTP service.""" """Initialize the SMTP service."""
self._server = server self._server = server
@ -136,23 +139,23 @@ class MailNotificationService(BaseNotificationService):
self.debug = debug self.debug = debug
self._verify_ssl = verify_ssl self._verify_ssl = verify_ssl
self.tries = 2 self.tries = 2
self._ssl_context = ssl_context
def connect(self): def connect(self):
"""Connect/authenticate to SMTP Server.""" """Connect/authenticate to SMTP Server."""
ssl_context = client_context() if self._verify_ssl else None
if self.encryption == "tls": if self.encryption == "tls":
mail = smtplib.SMTP_SSL( mail = smtplib.SMTP_SSL(
self._server, self._server,
self._port, self._port,
timeout=self._timeout, timeout=self._timeout,
context=ssl_context, context=self._ssl_context,
) )
else: else:
mail = smtplib.SMTP(self._server, self._port, timeout=self._timeout) mail = smtplib.SMTP(self._server, self._port, timeout=self._timeout)
mail.set_debuglevel(self.debug) mail.set_debuglevel(self.debug)
mail.ehlo_or_helo_if_needed() mail.ehlo_or_helo_if_needed()
if self.encryption == "starttls": if self.encryption == "starttls":
mail.starttls(context=ssl_context) mail.starttls(context=self._ssl_context)
mail.ehlo() mail.ehlo()
if self.username and self.password: if self.username and self.password:
mail.login(self.username, self.password) mail.login(self.username, self.password)
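Review bot: `MailNotificationService.__init__` now takes `verify_ssl` and `ssl_context` as two independent positional arguments, while `connect()` reads only `self._ssl_context`, so the two can disagree without any error. A caller that passes `verify_ssl=True` with `ssl_context=None` would hand `context=None` to `smtplib.SMTP_SSL` and `starttls`, and as far as I know smtplib's fallback context does not verify the server certificate or hostname. I would guard this in `__init__`, e.g. `if verify_ssl and ssl_context is None: raise ValueError("ssl_context is required when verify_ssl is enabled")`. I would also add a comment on the `create_client_context()` line in `get_service`, such as `# Dedicated context so no ALPN is offered to the SMTP server`, so the choice over `client_context()` is not reverted later. Both `__init__` and `connect` continue outside the visible hunks, so check whether `_verify_ssl` still has a reader before relying on it.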


@ -14,6 +14,7 @@ from homeassistant.const import SERVICE_RELOAD
from homeassistant.core import HomeAssistant from homeassistant.core import HomeAssistant
from homeassistant.exceptions import ServiceValidationError from homeassistant.exceptions import ServiceValidationError
from homeassistant.setup import async_setup_component from homeassistant.setup import async_setup_component
from homeassistant.util.ssl import create_client_context
from tests.common import get_fixture_path from tests.common import get_fixture_path
@ -84,6 +85,7 @@ def message():
"Home Assistant", "Home Assistant",
0, 0,
True, True,
create_client_context(),
) )