SMTP with STARTTLS verb

[qnpoco]

I'm looking for an example on how to use the STARTTLS with SMTP that is mentioned here http://developer.appinf.com/?p=60

Could someone please crank up a few lines to demonstrate?

Thanks...

[aderouineau]

Never tried to play with it, but it probably comes down to passing a SecureSocket to the SMTPClientSession constructor.

[guenter]

Not that simple, actually. You first have to create a plain socket connection (like SMTPClientSession does now), then issue a STARTTLS command, and then initiate a SSL/TLS connection over the existing socket connection. This requires some changes in the SMTPClientSession class - at least an additional protected member function that allows you to change the underlying socket to a SecureStreamSocket.

[qnpoco]

Thanks for your reply. It would be nice to extend the SMTP class with features available in libESMPT http://www.stafford.uklinux.net/libesmtp/. Hope it happens someday.

[aderouineau]

1) The whishlist forum would be more appropriate for this

2) Would help to include a list of features that's not present in POCO.

[qnpoco]

Not that simple, actually. You first have to create a plain socket connection (like SMTPClientSession does now), then issue a STARTTLS command, and then initiate a SSL/TLS connection over the existing socket connection. This requires some changes in the SMTPClientSession class - at least an additional protected member function that allows you to change the underlying socket to a SecureStreamSocket.

Looks like I can use the SecureStreamSocket::attach(...) method to accomplish this.

[guenter]

You have to deal with the DialogSocket as well.

[blackhearted]

Here is code sample, hope it will be useful.
Please correct it if you see any mistakes.

Code: Select all

void connectTLS()
{
std::string response;
//...
std::auto_ptr<DialogSocket> nonSecureSocket;
nonSecureSocket.reset(new DialogSocket());
nonSecureSocket->connect(address);
int status = nonSecureSocket->receiveMessage(response);
         
sendEHLO(response);
status = sendCommand("STARTTLS", response);
if (!isPositiveCompletion(status))
    throw SMTPException("The TLS is unavailable", response);   

Poco::Net::Context* ptrContext = new Context(Context::CLIENT_USE, "", "", "", Context::VERIFY_NONE );
/**
* Creating SSL socket over existing non secure socket
*/
Poco::Net::SecureStreamSocket secureSocket(ptrContext);                  
secureSocket = secureSocket.attach(*nonSecureSocket_release(),secureSocket.context());   

/**
* Assingning created socket to SMTPClientSession
* @note EHLO and authentication should be done manually (not by calling session_::login())
*/
session_.reset(new Poco::Net::SMTPClientSession(secureSocket));
         
/**
* Sending EHLO
*/
sendEHLO(response);
/**
* Authenticating
*/
authenticate(response);   
//...
}

void sendEHLO(std::string& response)
{
   int status = sendCommand("EHLO", getHost(), response);
   if (isPermanentNegative(status))
      status = sendCommand("HELO", getHost(), response);
   if (!isPositiveCompletion(status)) throw SMTPException("EHLO/HELO send failed", response);
}

int sendCommand(const std::string& command, std::string& response)
{   
   if (session_.get())
   {
      return session->sendCommand(command,response);
   }
   else
   {
      if (!nonSecureSocket_get())
         return -1;

      nonSecureSocket->sendMessage(command);
      return nonSecureSocket->receiveStatusMessage(response);
   }
}

authenticate() like other methods like sendEHLO() may be copy pasted from poco sources.


Note, that attach() returns new Socket object.
If it not assigned after call to ::attach() it will be destructed and your connection ends.

all this stuff works with Poco 1.3.7.

[jimmigoo]

Hi blackhearted!
I would like to know, if possible, how exactly SecureSMTPClientSession class works.
I tried to compile and run this code:

Code: Select all

SecureSMTPClientSession session("smtp.gmail.com", 465);
session.login();
session.STARTTLS();
session.login("smtp.gmail.com", Poco::Net::SecureSMTPClientSession::AUTH_LOGIN, "gmail_username", "gmail_password");

Visual Studio compiled this code, but the code ends its execution inside login() method, especially in Socket::recv() method.
So, I really don't know if I'm forgetting to add other object before creating SecureSMTPClientSession one.

I'm looking to read your (or anyone's who know how to work with SecureSMTPClientSession) reply.

Best Regards
jimmigoo