heckyel/mediagoblin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use the STARTTLS command to upgrade SMTP connections where possible.

Browse Source 
Adds the option `email_smtp_force_tls` which will cause `send_email` to error
if it is unable to use the `STARTTLS` command (e.g. where the user knows the
SMTPd supports `STARTTLS` and wishes to protect themselves against a downgrade
attack)

Setting both `email_smtp_user_ssl` and `email_smtp_force_tls` may result in
undefined behaviour if the SMTPd has not been correctly configured.

TODO: Unit tests?
TODO: Documentation?
This commit is contained in:
Matt Molyneaux 2014-03-24 15:00:19 +00:00 committed by Christopher Allan Webber
parent 19df857734
commit 2d4d24f51e
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
mediagoblin/config_spec.ini
View File

@ -24,6 +24,7 @@ direct_remote_path = string(default="/mgoblin_static/")
# set to false to enable sending notices # set to false to enable sending notices
email_debug_mode = boolean(default=True) email_debug_mode = boolean(default=True)
email_smtp_use_ssl = boolean(default=False) email_smtp_use_ssl = boolean(default=False)
email_smtp_force_tls = boolean(default=False)
email_sender_address = string(default="notice@mediagoblin.example.org") email_sender_address = string(default="notice@mediagoblin.example.org")
email_smtp_host = string(default='') email_smtp_host = string(default='')
email_smtp_port = integer(default=0) email_smtp_port = integer(default=0)

11
mediagoblin/tools/mail.py
View File

@ -14,7 +14,9 @@
# You should have received a copy of the GNU Affero General Public License # You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
import six
import smtplib import smtplib
import sys
from email.MIMEText import MIMEText from email.MIMEText import MIMEText
from mediagoblin import mg_globals, messages from mediagoblin import mg_globals, messages
from mediagoblin.tools import common from mediagoblin.tools import common
@ -64,6 +66,8 @@ class FakeMhost(object):
'to': to_addrs, 'to': to_addrs,
'message': message}) 'message': message})
def starttls(self):
raise smtplib.SMTPException("No STARTTLS here")
def _clear_test_inboxes(): def _clear_test_inboxes():
global EMAIL_TEST_INBOX global EMAIL_TEST_INBOX
@ -103,6 +107,13 @@ def send_email(from_addr, to_addrs, subject, message_body):
if not mg_globals.app_config['email_smtp_host']: # e.g. host = '' if not mg_globals.app_config['email_smtp_host']: # e.g. host = ''
mhost.connect() # We SMTP.connect explicitly mhost.connect() # We SMTP.connect explicitly
try:
mhost.starttls()
except smtplib.SMTPException:
# Only raise an exception if we're forced to
if mg_globals.app_config['email_smtp_force_tls']:
six.reraise(*sys.exc_info())
if ((not common.TESTS_ENABLED) if ((not common.TESTS_ENABLED)
and (mg_globals.app_config['email_smtp_user'] and (mg_globals.app_config['email_smtp_user']
or mg_globals.app_config['email_smtp_pass'])): or mg_globals.app_config['email_smtp_pass'])):