Skip to content

Commit 5f7fc52

Browse files
nizamial09nizamial09
committed
mgr/alerts: enforce ssl context to SMTP_SSL
Fixes: https://github.com/ceph/ceph/security/advisories/GHSA-xj9f-7g59-m4jx Signed-off-by: Nizamudeen A <[email protected]>
1 parent 986f61c commit 5f7fc52

File tree

1 file changed

+3
-1
lines changed

1 file changed

+3
-1
lines changed

src/pybind/mgr/alerts/module.py

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@
99
from typing import Any, Optional, Dict, List, TYPE_CHECKING, Union
1010
import json
1111
import smtplib
12+
import ssl
1213

1314

1415
class Alerts(MgrModule):
@@ -236,9 +237,10 @@ def _send_alert_smtp(self,
236237

237238
# send
238239
try:
240+
context = ssl.create_default_context()
239241
if self.smtp_ssl:
240242
server: Union[smtplib.SMTP_SSL, smtplib.SMTP] = \
241-
smtplib.SMTP_SSL(self.smtp_host, self.smtp_port)
243+
smtplib.SMTP_SSL(self.smtp_host, self.smtp_port, context=context)
242244
else:
243245
server = smtplib.SMTP(self.smtp_host, self.smtp_port)
244246
if self.smtp_password:

0 commit comments

Comments
 (0)