[3.12] gh-127712: Fix secure argument of logging.handlers.SMTPHandler (GH-127726) (GH-129956)

(cherry picked from commit d7672e5d5a)

Lib/logging/handlers.py

@@ -1031,7 +1031,8 @@ def __init__(self, mailhost, fromaddr, toaddrs, subject,
         only be used when authentication credentials are supplied. The tuple
         will be either an empty tuple, or a single-value tuple with the name
         of a keyfile, or a 2-value tuple with the names of the keyfile and
-        certificate file. (This tuple is passed to the `starttls` method).
+        certificate file. (This tuple is passed to the
+        `ssl.SSLContext.load_cert_chain` method).
         A timeout in seconds can be specified for the SMTP connection (the
         default is one second).
         """
@@ -1084,8 +1085,23 @@ def emit(self, record):
             msg.set_content(self.format(record))
             if self.username:
                 if self.secure is not None:
+                    import ssl
+
+                    try:
+                        keyfile = self.secure[0]
+                    except IndexError:
+                        keyfile = None
+
+                    try:
+                        certfile = self.secure[1]
+                    except IndexError:
+                        certfile = None
+
+                    context = ssl._create_stdlib_context(
+                        certfile=certfile, keyfile=keyfile
+                    )
                     smtp.ehlo()
-                    smtp.starttls(*self.secure)
+                    smtp.starttls(context=context)
                     smtp.ehlo()
                 smtp.login(self.username, self.password)
             smtp.send_message(msg)

Misc/NEWS.d/next/Library/2024-12-07-20-33-43.gh-issue-127712.Uzsij4.rst

@@ -0,0 +1 @@
+Fix handling of the ``secure`` argument of :class:`logging.handlers.SMTPHandler`.