HA stopped sending emails - tlsv1 alert no application protocol

Mindreader · March 17, 2025, 9:51am

I think since HA 2025.3.2 (maybe since 2025.3.1 or even 2025.3.0)
HA is not longer sending emails

I get this error

Logger: homeassistant.components.automation.telegram_tur_balkon_wz_geoffnet
Quelle: helpers/script.py:524
Integration: Automation (Dokumentation, Probleme)
Erstmals aufgetreten: 10:24:34 (1 Vorkommnisse)
Zuletzt protokolliert: 10:24:34

Telegram: Tür Balkon-WZ geöffnet: Error executing script. Unexpected error for call_service at pos 2: [SSL] tlsv1 alert no application protocol (_ssl.c:1028)
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/helpers/script.py", line 524, in _async_step
    await getattr(self, handler)()
  File "/usr/src/homeassistant/homeassistant/helpers/script.py", line 1009, in _async_step_call_service
    response_data = await self._async_run_long_action(
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    ...<9 lines>...
    )
    ^
  File "/usr/src/homeassistant/homeassistant/helpers/script.py", line 624, in _async_run_long_action
    return await long_task
           ^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/core.py", line 2794, in async_call
    response_data = await coro
                    ^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/core.py", line 2837, in _execute_service
    return await target(service_call)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/notify/legacy.py", line 256, in _async_notify_message_service
    await self.async_send_message(**kwargs)
  File "/usr/src/homeassistant/homeassistant/components/notify/legacy.py", line 236, in async_send_message
    await self.hass.async_add_executor_job(
        partial(self.send_message, message, **kwargs)
    )
  File "/usr/local/lib/python3.13/concurrent/futures/thread.py", line 59, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 224, in send_message
    return self._send_email(msg, recipients)
           ~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 228, in _send_email
    mail = self.connect()
  File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 155, in connect
    mail.starttls(context=ssl_context)
    ~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.13/smtplib.py", line 779, in starttls
    self.sock = context.wrap_socket(self.sock,
                ~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^
                                    server_hostname=self._host)
                                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.13/ssl.py", line 455, in wrap_socket
    return self.sslsocket_class._create(
           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
        sock=sock,
        ^^^^^^^^^^
    ...<5 lines>...
        session=session
        ^^^^^^^^^^^^^^^
    )
    ^
  File "/usr/local/lib/python3.13/ssl.py", line 1076, in _create
    self.do_handshake()
    ~~~~~~~~~~~~~~~~~^^
  File "/usr/local/lib/python3.13/ssl.py", line 1372, in do_handshake
    self._sslobj.do_handshake()
    ~~~~~~~~~~~~~~~~~~~~~~~~~^^
ssl.SSLError: [SSL] tlsv1 alert no application protocol (_ssl.c:1028)

Logger: homeassistant.components.automation.telegram_tur_balkon_wz_geoffnet
Quelle: components/automation/__init__.py:717
Integration: Automation (Dokumentation, Probleme)
Erstmals aufgetreten: 10:24:34 (1 Vorkommnisse)
Zuletzt protokolliert: 10:24:34

While executing automation automation.telegram_tur_balkon_wz_geoffnet
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/components/automation/__init__.py", line 717, in async_trigger
    return await self.action_script.async_run(
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
        variables, trigger_context, started_action
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    )
    ^
  File "/usr/src/homeassistant/homeassistant/helpers/script.py", line 1828, in async_run
    return await asyncio.shield(create_eager_task(run.async_run()))
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/helpers/script.py", line 460, in async_run
    await self._async_step(log_exceptions=False)
  File "/usr/src/homeassistant/homeassistant/helpers/script.py", line 526, in _async_step
    self._handle_exception(
    ~~~~~~~~~~~~~~~~~~~~~~^
        ex, continue_on_error, self._log_exceptions or log_exceptions
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    )
    ^
  File "/usr/src/homeassistant/homeassistant/helpers/script.py", line 556, in _handle_exception
    raise exception
  File "/usr/src/homeassistant/homeassistant/helpers/script.py", line 524, in _async_step
    await getattr(self, handler)()
  File "/usr/src/homeassistant/homeassistant/helpers/script.py", line 1009, in _async_step_call_service
    response_data = await self._async_run_long_action(
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    ...<9 lines>...
    )
    ^
  File "/usr/src/homeassistant/homeassistant/helpers/script.py", line 624, in _async_run_long_action
    return await long_task
           ^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/core.py", line 2794, in async_call
    response_data = await coro
                    ^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/core.py", line 2837, in _execute_service
    return await target(service_call)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/notify/legacy.py", line 256, in _async_notify_message_service
    await self.async_send_message(**kwargs)
  File "/usr/src/homeassistant/homeassistant/components/notify/legacy.py", line 236, in async_send_message
    await self.hass.async_add_executor_job(
        partial(self.send_message, message, **kwargs)
    )
  File "/usr/local/lib/python3.13/concurrent/futures/thread.py", line 59, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 224, in send_message
    return self._send_email(msg, recipients)
           ~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 228, in _send_email
    mail = self.connect()
  File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 155, in connect
    mail.starttls(context=ssl_context)
    ~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.13/smtplib.py", line 779, in starttls
    self.sock = context.wrap_socket(self.sock,
                ~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^
                                    server_hostname=self._host)
                                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.13/ssl.py", line 455, in wrap_socket
    return self.sslsocket_class._create(
           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
        sock=sock,
        ^^^^^^^^^^
    ...<5 lines>...
        session=session
        ^^^^^^^^^^^^^^^
    )
    ^
  File "/usr/local/lib/python3.13/ssl.py", line 1076, in _create
    self.do_handshake()
    ~~~~~~~~~~~~~~~~~^^
  File "/usr/local/lib/python3.13/ssl.py", line 1372, in do_handshake
    self._sslobj.do_handshake()
    ~~~~~~~~~~~~~~~~~~~~~~~~~^^
ssl.SSLError: [SSL] tlsv1 alert no application protocol (_ssl.c:1028)

Using the same configuration on my test system running on a proxmox container everythink is fine

notify:
  - name: email_notification
    platform: smtp
    server: mail.xxx.de
    port: 587
    timeout: 15
    sender: [email protected]
    sender_name: "Home Assistant SmartHome" #optional
    recipient: [email protected]
    starttls: true
    username: [email protected]
    password: xxxx

Installed Versions

Core 2025.3.3
Supervisor 2025.03.3
Operating System 14.2
Frontend 20250306.0

postwait · April 17, 2025, 3:00pm

I have the same issue now with mail_and_packages.

postwait · April 17, 2025, 3:28pm

So, I think there was a recent change to the homeassistant/utils/ssl.py to return cached contexts based on cipher lists. However, these contexts are not const and someone can get the context and then change it by setting various parameters and thus make it not useful for anyone else. Reusing cached contexts is fraught with issues when the consumers of those contexts can modify them. I suspect that change will need to be reverted unless the contexts returned can be made immutable to the caller.

Mindreader · April 18, 2025, 6:51am

@postwait
dou you know if there is already a bug report ?