[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AW: SSL Connection using COMMSSLR4
hi Friedhelm,
An EHLO response follows the RFC standard for ESMTP. SEMTP allows
multi-line responses for many of it's protocol commands -- you should
never assume that a response will be only one line long.
And you should never use a time-out to detect the end of them!!! (What
if you had network lag? you'd get out of sync with the server!)
an ESMTP response will have a 4th character that's set to a '-' if there
are additional lines that follow, and a blank if not. So an EHLO
response might look like this:
250-mail.example.com Hello example [1.2.3.4], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE 33554432
250-DSN
250-DELIVERBY
250 HELP
Notice that the 4th character on the final line is blank. On the other
lines it's a dash to indicate that there are more lines that follow.
The format for multi-line replies is documented in RFC2821 in section
4.2.1. Please don't try to implement any standard internet protocol
without reading/understanding the standards documented in the RFCs!!
http://tools.ietf.org/html/rfc2821
On 6/16/2010 12:45 PM, Friedhelm Brügge wrote:
> Hi Scott,
>
> yep, that made it. After sending a STARTTLS and upgrading the connection to SSL, I was able to start up with EHLO etc. again and send my mail.
>
> Thanks for your help, you saved my day.
>
> One other question for you: After sending the EHLO, the server sends a couple of lines with its capabilities. I'm using the lineRead function. My problem is, that I don't know, how many lines to expect. So I'm reading with a timeout of one second and when the timeout occurs, I'm done with all buffer lines.
>
> This works fine, but it slows down the process of sending a mail by one second per mail. Do you know of a better way of doing this? I know, I could change my program to open up the connection only once and keep it open till all mails are sent, but...just too many issues...
>
> Kind regards
>
> Friedhelm
>
> -----Ursprüngliche Nachricht-----
> Von: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] Im Auftrag von Scott Klement
> Gesendet: Mittwoch, 16. Juni 2010 18:56
> An: HTTPAPI and FTPAPI Projects
> Betreff: Re: SSL Connection using COMMSSLR4
>
> Hi Friedhelm,
>
> Yes, of course it supports TLS as well as SSL.
>
> Th`e error message you're getting implies that your program has sent a
> request for the SSL handshake, but that the server isn't responding to
> it. This is very common when you're connecting to an non-SSL
> connection, or when you're not following the protocol rules.
>
> It's been a long time since I've written an SMTP-over-SSL routine, but
> if I recall correctly, you have to first connect as non-SSL and then
> exchange commands (I think STARTTLS?) to tell the other side that you
> will begin SSL. Are you connecting to the right port? (i.e. 587
> instead of 25) and are you sending the proper STARTTLS or whatever is
> required to initiate SSL?
>
>
> On 6/16/2010 9:03 AM, Friedhelm Brügge wrote:
>> Sorry, I forgot to send you the debug output:
>>
>> HTTPAPI Ver 1.23 released 2008-04-24
>> OS/400 Ver V5R4M0
>>
>> New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
>> DNS resolver retrans: 2
>> DNS resolver retry : 2
>> DNS resolver options: x'00000136'
>> DNS default domain: as400.BRUEGGE.BIZ
>> DNS server found: 192.168.100.1
>> https_init(): entered
>> -------------------------------------------------------------------------------------
>> Dump of local-side certificate information:
>> -------------------------------------------------------------------------------------
>> SetError() #32: Time out during SSL handshake
>>
>>
>>
>>
>> Hi Scott,
>>
>> for my current project, I need to talk to SMTP and POP server over SSL. I noticed, that the HTTP library has the proper communication APIs in it, that allow my program to talk TCP and SSL.
>>
>> So I extended the export list of your HTTP lib a bit to export all the comm functions.
>>
>> So far, I'm able to connect to a POP server using SSL and do all the stuff I need.
>>
>> Connecting to the SMTP server over SSL gives me an error. My provider told me, that he only supports TLS and no SSL for SMTP.
>>
>> Reading your code, I found the function HTTPS_init, that sets up some SSL/TLS attributes for the connection. As far as I understand IBMs documentation, if these attributes aren't set, the default supports all versions of SSL and TLS.
>>
>> Do you have any idea, what's going wrong?
>>
>> This the the SMTP server I'm using: smtp.1und1.de Port: 587
>>
>> The basic code:
>>
>> p_CommNew = %paddr('COMMSSL_NEW');
>> p_CommDriver = comm_new;
>> p_addr = comm_resolve( wwComm : %trimr(wwHost) : '' : wwPort : *OFF );
>> comm_Connect( wwComm : p_addr : wwTimeout );
>> comm_Upgrade( wwComm : wwTimeout );
>>
>> The code fails on the UPGRADE.
>>
>> Thanks for any help
>>
>> Kind regards
>>
>> Friedhelm Brügge
>>
>>
>> -----------------------------------------------------------------------
>> This is the FTPAPI mailing list. To unsubscribe, please go to:
>> http://www.scottklement.com/mailman/listinfo/ftpapi
>> -----------------------------------------------------------------------
>>
>>
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
>
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------