我最近将 django api 从 2.2 更新到 3.1。我更新了 dockerfile 和相关的 bash 文件,如 django-cookiecutter 所做的 https://github.com/pydanny/cookiecutter-django/commit/b22045bcd4ebf563ccdcf226fb389a6bb71e2654#diff-1872e6a6f0bbcb27f2eda185ac89eed05eb7a402b298e58bcbef29bf039c2c13
升级大部分进展顺利,除了现在在生产中我们无法发送电子邮件。我有一个在生产中运行的最小管理命令来测试电子邮件设置
from django.conf import settings
from django.core.mail import send_mail
from django.core.management.base import BaseCommand
class Command(BaseCommand):
"""
Sends an email to the provided addresses.
"""
help = "Sends an email to the provided addresses."
def add_arguments(self, parser):
parser.add_argument("emails", nargs="+")
def handle(self, *args, **options):
self.stdout.write(f"send_email from: {settings.EMAIL_FROM_FIELD}")
for email in options["emails"]:
try:
send_mail(
"expert-system test email",
"a simple email",
settings.EMAIL_FROM_FIELD,
[email],
)
except BaseException as e:
self.stdout.write(f"Problem sending email: {e}")
$ python manage.py send_email harry@test.com
send_email from: test@test.com
Problem sending email: EOF occurred in violation of protocol (_ssl.c:1125)
$ python -c "from urllib.request import urlopen ;
print(urlopen('https://www.howsmyssl.com/a/check').read())"
b'{"given_cipher_suites":["TLS_AES_256_GCM_SHA384","TLS_CHACHA20_POLY1305_SHA256","TLS_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_DHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_DHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384","TLS_DHE_RSA_WITH_AES_256_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_DHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_DHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_DHE_RSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA256","TLS_RSA_WITH_AES_128_CBC_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_EMPTY_RENEGOTIATION_INFO_SCSV"],"ephemeral_keys_supported":true,"session_ticket_supported":true,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":false,"able_to_detect_n_minus_one_splitting":false,"insecure_cipher_suites":{},"tls_version":"TLS 1.3","rating":"Probably Okay"}'
最佳答案
解决方法是使用最初工作的操作系统 python:3.7-alpine它似乎能够发送电子邮件,但是 smtp 服务器需要它(仍然不确定它强制使用什么 tls 版本,但我假设它的 tls 1.2)。
还想补充一下我们尝试使用python:3.8-slim-buster的原因是因为cookiecutter使用它,https://pythonspeed.com/articles/base-image-python-docker-images/推荐最新版本的密码学模块(3.4+ https://cryptography.io/en/latest/changelog.html#v3-4)建议使用现代版本的 pip(否则您必须安装 rust 才能编译密码学)。 django-allauth(通过 pyjwt)需要密码学模块。
为了使用现代版本的 django-allauth(我认为 django 3.1 需要它),我将密码学模块固定到最新的 pre-rust
django-allauth==0.44.0 # https://github.com/pennersr/django-allauth
cryptography==3.3.2 # https://github.com/pyca/cryptography
关于django - EOF 发生违反协议(protocol) (_ssl.c :1125) on python:3. 8-slim-buster,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/66924714/