From: Gregory P. Smith <greg@mad-scientist.com>
Date: Thu, 17 Jan 2008 07:54:47 +0000 (+0000)
Subject: ** backport r60015 from trunk.
X-Git-Tag: v2.5.2c1~74
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0f99b71bd06d5916e1865c7f11f1d4e3fb266034;p=python

** backport r60015 from trunk.
- Issue829951: In the smtplib module, SMTP.starttls() now complies with
  RFC 3207 and forgets any knowledge obtained from the server not obtained
  from the TLS negotiation itself.  Patch contributed by Bill Fenner.
---

diff --git a/Lib/smtplib.py b/Lib/smtplib.py
index 9c8c4fa48c..1b9739c81a 100755
--- a/Lib/smtplib.py
+++ b/Lib/smtplib.py
@@ -605,6 +605,14 @@ class SMTP:
             sslobj = socket.ssl(self.sock, keyfile, certfile)
             self.sock = SSLFakeSocket(self.sock, sslobj)
             self.file = SSLFakeFile(sslobj)
+            # RFC 3207:
+            # The client MUST discard any knowledge obtained from
+            # the server, such as the list of SMTP service extensions,
+            # which was not obtained from the TLS negotiation itself.
+            self.helo_resp = None
+            self.ehlo_resp = None
+            self.esmtp_features = {}
+            self.does_esmtp = 0
         return (resp, reply)
 
     def sendmail(self, from_addr, to_addrs, msg, mail_options=[],
diff --git a/Misc/NEWS b/Misc/NEWS
index 77e97f0509..f4b98deb67 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -165,6 +165,10 @@ Library
 - Issue1385: The hmac module now computes the correct hmac when using hashes
   with a block size other than 64 bytes (such as sha384 and sha512).
 
+- Issue829951: In the smtplib module, SMTP.starttls() now complies with 
+  RFC 3207 and forgets any knowledge obtained from the server not obtained
+  from the TLS negotiation itself.  Patch contributed by Bill Fenner.
+
 
 Extension Modules
 -----------------