Merge pull request #1612 from SpecLad/unhardcode-sslv3

Don't hardcode TLS version to SSLv3
buildbot · Mar 27, 2015 · e3d65f1 · e3d65f1
2 parents 05ada3b + 9b7dc8d
commit e3d65f1
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 15 deletions.
diff --git a/master/buildbot/status/mail.py b/master/buildbot/status/mail.py
@@ -36,13 +36,6 @@
 except ImportError:
     ESMTPSenderFactory = None
 
-have_ssl = True
-try:
-    from twisted.internet import ssl
-    from OpenSSL.SSL import SSLv3_METHOD
-except ImportError:
-    have_ssl = False
-
 # this incantation teaches email to output utf-8 using 7- or 8-bit encoding,
 # although it has no effect before python-2.7.
 from email import charset
@@ -816,12 +809,6 @@ def _gotRecipients(self, rlist, m):
     def sendmail(self, s, recipients):
         result = defer.Deferred()
 
-        if have_ssl and self.useTls:
-            client_factory = ssl.ClientContextFactory()
-            client_factory.method = SSLv3_METHOD
-        else:
-            client_factory = None
-
         if self.smtpUser and self.smtpPassword:
             useAuth = True
         else:
@@ -833,8 +820,7 @@ def sendmail(self, s, recipients):
         sender_factory = ESMTPSenderFactory(
             self.smtpUser, self.smtpPassword,
             self.fromaddr, recipients, StringIO(s),
-            result, contextFactory=client_factory,
-            requireTransportSecurity=self.useTls,
+            result, requireTransportSecurity=self.useTls,
             requireAuthentication=useAuth)
 
         reactor.connectTCP(self.relayhost, self.smtpPort, sender_factory)

diff --git a/master/docs/relnotes/index.rst b/master/docs/relnotes/index.rst
@@ -85,6 +85,8 @@ Features
 
 * Builders can now have multiple "tags" associated with them. Tags can be used in various status classes as filters (eg, on the waterfall page).
 
+* :bb:status:`MailNotifier` no longer forces SSL 3.0 when ``useTls`` is true.
+
 Fixes
 ~~~~~