Overview
Features
Download
Documentation
Community
Add-Ons & Services

SMTP with STARTTLS verb

A general discussion forum.

SMTP with STARTTLS verb

Postby qnpoco » 07 Jul 2009, 20:18

I'm looking for an example on how to use the STARTTLS with SMTP that is mentioned here http://developer.appinf.com/?p=60

Could someone please crank up a few lines to demonstrate?

Thanks...
qnpoco
 
Posts: 3
Joined: 07 Jul 2009, 20:11

Re: SMTP with STARTTLS verb

Postby aderouineau » 07 Jul 2009, 23:30

Never tried to play with it, but it probably comes down to passing a SecureSocket to the SMTPClientSession constructor.
aderouineau
 
Posts: 163
Joined: 18 May 2009, 17:38

Re: SMTP with STARTTLS verb

Postby guenter » 07 Jul 2009, 23:40

Not that simple, actually. You first have to create a plain socket connection (like SMTPClientSession does now), then issue a STARTTLS command, and then initiate a SSL/TLS connection over the existing socket connection. This requires some changes in the SMTPClientSession class - at least an additional protected member function that allows you to change the underlying socket to a SecureStreamSocket.
guenter
 
Posts: 1135
Joined: 11 Jul 2006, 16:27
Location: Austria

Re: SMTP with STARTTLS verb

Postby qnpoco » 08 Jul 2009, 00:25

Thanks for your reply. It would be nice to extend the SMTP class with features available in libESMPT http://www.stafford.uklinux.net/libesmtp/. Hope it happens someday.
qnpoco
 
Posts: 3
Joined: 07 Jul 2009, 20:11

Re: SMTP with STARTTLS verb

Postby aderouineau » 08 Jul 2009, 01:05

1) The whishlist forum would be more appropriate for this

2) Would help to include a list of features that's not present in POCO.
aderouineau
 
Posts: 163
Joined: 18 May 2009, 17:38

Re: SMTP with STARTTLS verb

Postby qnpoco » 08 Jul 2009, 20:53

guenter wrote:Not that simple, actually. You first have to create a plain socket connection (like SMTPClientSession does now), then issue a STARTTLS command, and then initiate a SSL/TLS connection over the existing socket connection. This requires some changes in the SMTPClientSession class - at least an additional protected member function that allows you to change the underlying socket to a SecureStreamSocket.


Looks like I can use the SecureStreamSocket::attach(...) method to accomplish this.
qnpoco
 
Posts: 3
Joined: 07 Jul 2009, 20:11

Re: SMTP with STARTTLS verb

Postby guenter » 10 Jul 2009, 11:32

You have to deal with the DialogSocket as well.
guenter
 
Posts: 1135
Joined: 11 Jul 2006, 16:27
Location: Austria

Re: SMTP with STARTTLS verb

Postby blackhearted » 12 May 2010, 11:05

Here is code sample, hope it will be useful.
Please correct it if you see any mistakes.
Code: Select all
void connectTLS()
{
std::string response;
//...
std::auto_ptr<DialogSocket> nonSecureSocket;
nonSecureSocket.reset(new DialogSocket());
nonSecureSocket->connect(address);
int status = nonSecureSocket->receiveMessage(response);
         
sendEHLO(response);
status = sendCommand("STARTTLS", response);
if (!isPositiveCompletion(status))
    throw SMTPException("The TLS is unavailable", response);   

Poco::Net::Context* ptrContext = new Context(Context::CLIENT_USE, "", "", "", Context::VERIFY_NONE );
/**
* Creating SSL socket over existing non secure socket
*/
Poco::Net::SecureStreamSocket secureSocket(ptrContext);                  
secureSocket = secureSocket.attach(*nonSecureSocket_release(),secureSocket.context());   

/**
* Assingning created socket to SMTPClientSession
* @note EHLO and authentication should be done manually (not by calling session_::login())
*/
session_.reset(new Poco::Net::SMTPClientSession(secureSocket));
         
/**
* Sending EHLO
*/
sendEHLO(response);
/**
* Authenticating
*/
authenticate(response);   
//...
}

void sendEHLO(std::string& response)
{
   int status = sendCommand("EHLO", getHost(), response);
   if (isPermanentNegative(status))
      status = sendCommand("HELO", getHost(), response);
   if (!isPositiveCompletion(status)) throw SMTPException("EHLO/HELO send failed", response);
}

int sendCommand(const std::string& command, std::string& response)
{   
   if (session_.get())
   {
      return session->sendCommand(command,response);
   }
   else
   {
      if (!nonSecureSocket_get())
         return -1;

      nonSecureSocket->sendMessage(command);
      return nonSecureSocket->receiveStatusMessage(response);
   }
}

authenticate() like other methods like sendEHLO() may be copy pasted from poco sources.


Note, that attach() returns new Socket object.
If it not assigned after call to ::attach() it will be destructed and your connection ends.

all this stuff works with Poco 1.3.7.
If you ever saw me smile. You should know I felt sick inside.
blackhearted
 
Posts: 1
Joined: 12 May 2010, 10:55
Location: Ukraine

Re: SMTP with STARTTLS verb

Postby jimmigoo » 18 Jan 2011, 21:15

Hi blackhearted!
I would like to know, if possible, how exactly SecureSMTPClientSession class works.
I tried to compile and run this code:

Code: Select all
SecureSMTPClientSession session("smtp.gmail.com", 465);
session.login();
session.STARTTLS();
session.login("smtp.gmail.com", Poco::Net::SecureSMTPClientSession::AUTH_LOGIN, "gmail_username", "gmail_password");


Visual Studio compiled this code, but the code ends its execution inside login() method, especially in Socket::recv() method.
So, I really don't know if I'm forgetting to add other object before creating SecureSMTPClientSession one.

I'm looking to read your (or anyone's who know how to work with SecureSMTPClientSession) reply.

Best Regards
jimmigoo
jimmigoo
 
Posts: 4
Joined: 18 Jan 2011, 21:09


Return to General Discussion

Who is online

Users browsing this forum: No registered users and 2 guests