** backport r60015 from trunk.
- Issue829951: In the smtplib module, SMTP.starttls() now complies with
RFC 3207 and forgets any knowledge obtained from the server not obtained
from the TLS negotiation itself. Patch contributed by Bill Fenner.
diff --git a/Lib/smtplib.py b/Lib/smtplib.py
index 9c8c4fa..1b9739c 100755
--- a/Lib/smtplib.py
+++ b/Lib/smtplib.py
@@ -605,6 +605,14 @@
sslobj = socket.ssl(self.sock, keyfile, certfile)
self.sock = SSLFakeSocket(self.sock, sslobj)
self.file = SSLFakeFile(sslobj)
+ # RFC 3207:
+ # The client MUST discard any knowledge obtained from
+ # the server, such as the list of SMTP service extensions,
+ # which was not obtained from the TLS negotiation itself.
+ self.helo_resp = None
+ self.ehlo_resp = None
+ self.esmtp_features = {}
+ self.does_esmtp = 0
return (resp, reply)
def sendmail(self, from_addr, to_addrs, msg, mail_options=[],
diff --git a/Misc/NEWS b/Misc/NEWS
index 77e97f0..f4b98de 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -165,6 +165,10 @@
- Issue1385: The hmac module now computes the correct hmac when using hashes
with a block size other than 64 bytes (such as sha384 and sha512).
+- Issue829951: In the smtplib module, SMTP.starttls() now complies with
+ RFC 3207 and forgets any knowledge obtained from the server not obtained
+ from the TLS negotiation itself. Patch contributed by Bill Fenner.
+
Extension Modules
-----------------