issue2551350 - Python changes for 3.12 with roundup 2.3.0 mailer.py Fix due to change in smtplib.SMTP.starttls() signature. As of 3.3 it can use an optional ssl context argument for certificates/keys. In 3.12 it dropped legacy support for specifing cert/key files as arguments and requires a context. I modified Andrew's original patch to initialize SSLContext with ssl.PROTOCOL_TLS_CLIENT. If there is a cert file specified, enable check_hostname - verify that the cert supplied by the server matches the hostname we supplied. If there is no cert file call load_default_certs() Also opened issue2551351 to look into more SMTP ssmtp tightening. We also should have an option in Roundup to use TLS/SSL (smtps) without using starttls. Note that this code is untested by the test suite due to the need to setup an SMTP server with STARTTLS support. issue2551351 has some notes on this.

import time, struct, base64
from roundup.cgi.actions import RegisterAction
from roundup.cgi.exceptions import *

def timestamp():
    return base64.encodestring(struct.pack("i", time.time())).strip()

def unpack_timestamp(s):
    return struct.unpack("i",base64.decodestring(s))[0]

class Timestamped:
    def check(self):
        try:
            created = unpack_timestamp(self.form['opaque'].value)
        except KeyError:
            raise FormError("somebody tampered with the form")
        if time.time() - created < 4:
            raise FormError("responding to the form too quickly")
        return True

class TimestampedRegister(Timestamped, RegisterAction):
    def permission(self):
        self.check()
        RegisterAction.permission(self)

def init(instance):
    instance.registerUtil('timestamp', timestamp)
    instance.registerAction('register', TimestampedRegister)