SMTP in C: STARTTLS via OpenSSL

I use OpenSSL to create secure SMTP connections with gmail.com:25. I can successfully connect to the server and send the STARTTLS command (I get 220 2.0.0 ready to start TLS). Then I execute the following code without shutting down:

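```c
#include <openssl/ssl.h>
#include <openssl/err.h>

// ctx, ssl and socket are assumed to be declared elsewhere in the program
const SSL_METHOD* method = NULL;

SSL_library_init();
SSL_load_error_strings();

method = SSLv23_client_method();

ctx = SSL_CTX_new(method);
if (ctx == NULL)
{
    ERR_print_errors_fp(stderr);
    return; // no context, nothing more can be done
}
SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
ssl = SSL_new(ctx);
// check the SSL object before attaching the socket to it
if (ssl == NULL || !SSL_set_fd(ssl, socket))
{
    ERR_print_errors_fp(stderr);
    return;
}

if (SSL_connect((SSL*)ssl) < 1)
{
    ERR_print_errors_fp(stderr);
}
// then I think I need to send EHLO
```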

But after calling SSL_connect, I get an error message:

24953:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:601:

If I use SSLv3_client_method, I get an error:

18143:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:284.

And if TLSv1_client_method:

21293:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:284:

Why? What am I doing wrong?

+3
3 answers

. :
- TCP smtp.gmail.com:587
- "ehlo [127.0.0.1]\r\n"
- ( : )
- "STARTTLS\r\n"
- (.. "220 TLS" )
- ssl (, ctx ..) "SSL_set_fd" "SSL_connect",
- "ehlo [127.0.0.1]\r\n", SSL

SSL_write SSL_read SSL- .

, , ( ) SSL-. " ".

, ...

+2
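The plaintext part of the sequence listed in the answer above (greeting, `ehlo`, `STARTTLS`, the 220 go-ahead), as an added example that is not part of the original post: the socket is passed to `SSL_set_fd`/`SSL_connect` only after `smtp_starttls_plain` returns 0. The function names, the `mx.example` host and the replayed transcript are constructed for illustration.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
/* Read one line a byte at a time so nothing after it is consumed: whatever
   follows the 220 reply to STARTTLS must stay on the socket for the TLS layer. */
static int read_line(int fd, char *buf, size_t cap) {
    size_t n = 0;
    while (n + 1 < cap && read(fd, buf + n, 1) == 1)
        if (buf[n++] == '\n') { buf[n] = '\0'; return (int)n; }
    return -1; /* EOF, error, or over-long line */
}
/* Read a whole reply ("250-..." continues, "250 ..." ends it); return its code. */
int smtp_read_reply(int fd) {
    char l[512];
    for (;;) {
        if (read_line(fd, l, sizeof l) < 4 || !isdigit((unsigned char)l[0]) ||
            !isdigit((unsigned char)l[1]) || !isdigit((unsigned char)l[2]))
            return -1;
        if (l[3] == ' ' || l[3] == '\r') return atoi(l);
        if (l[3] != '-') return -1;
    }
}
static int send_cmd(int fd, const char *cmd) {
    return write(fd, cmd, strlen(cmd)) == (ssize_t)strlen(cmd) ? 0 : -1;
}
/* Plaintext phase. Returns 0 only when fd may go to SSL_set_fd()/SSL_connect(). */
int smtp_starttls_plain(int fd) {
    if (smtp_read_reply(fd) != 220) return -1;           /* server greeting */
    if (send_cmd(fd, "ehlo [127.0.0.1]\r\n")) return -1;
    if (smtp_read_reply(fd) != 250) return -1;           /* multi-line EHLO reply */
    if (send_cmd(fd, "STARTTLS\r\n")) return -1;
    return smtp_read_reply(fd) == 220 ? 0 : -1;          /* go-ahead for TLS */
}
/* Constructed harness: replay a canned server transcript over a socketpair.
   Returns -1 on failure, else how many server bytes were left unread. */
int run_on_transcript(const char *server) {
    int s[2], left = 0; char c;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, s) != 0) return -1;
    if (write(s[1], server, strlen(server)) < 0) return -1;
    shutdown(s[1], SHUT_WR); /* client sees EOF instead of blocking */
    if (smtp_starttls_plain(s[0]) != 0) left = -1;
    else while (read(s[0], &c, 1) == 1) left++;
    close(s[0]); close(s[1]);
    return left;
}
/* Constructed sample: a good exchange plus 3 marker bytes after the final 220. */
const char SAMPLE_OK[] = "220 mx.example ESMTP\r\n250-mx.example\r\n250 STARTTLS\r\n"
    "220 2.0.0 Ready to start TLS\r\n\x16\x03\x01";
```

After the handshake succeeds, the second `ehlo` and everything that follows go through `SSL_write` and `SSL_read`, not the raw socket.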

SSLv3_client_method TLSv1_client_method SSLv23_client_method. , Gmail SSLv23.

+1

\r ( ) \n ( ), 220, TLS?

0

Source: https://habr.com/ru/post/1739515/

