Hi,

I tried to add this line:

RAND_load_file("/dev/urandom", 1024);

It didn't do anything. I don't know if it's because I'm developing on a Windows system or...

This one also didn't do anything:

ctx=SSL_CTX_new(SSLv23_client_method());

I checked the server with the command line and it worked fine (it's gmail).
I replaced the SSL_do_handshake with the SSL_connect and I had the same.
Before sending the STARTTLS command, I'm using BIO_read and BIO_write. Right after sending the STARTTLS with BIO_write, I'm using SSL_read and SSL_write.
If I try to SSL_read before sending the second EHLO to the server, the application freezes, waiting for something to read.
But after sending the EHLO, SSL_read returns -1.
I don't know what is going wrong doing the handshake and what to check.

Regards

> Subject: Re: OpenSSL,SMTP,STARTTLS how does it work?
> From: [EMAIL PROTECTED]
> To: openssl-users@openssl.org
> Date: Fri, 4 May 2007 22:40:56 +0200
>
> Hello,
>
> > I'm trying to create a little smtp client that could deal with ssl
> > encryption within a c++ application.
> > To do that I'm using openssl and following the smtp protocol.
> >
> > As I understood, I have to initialise the library first and several
> > other things. I'm doing that:
> >
> > SSL_load_error_strings();
> > SSL_library_init();
> You may try here to initialize PRNG, for example with command:
>     RAND_load_file("/dev/urandom", 1024);
> (and check return code)
>
> > ctx=SSL_CTX_new(SSLv23_method());
> > SSL_CTX_set_options(ctx, SSL_OP_ALL);
> You may try:
>     ctx=SSL_CTX_new(SSLv23_client_method());
> (and check return code)
>
> > Then I'm opening a non-secured connection to the server with the BIO
> > objects.
> >
> > bio=BIO_new_connect((char*)server_address.c_str());
> > if ( BIO_do_connect(bio) <= 0 )
> > {
> >     valid=false;
> >     return false;
> > }
> >
> > At that point, I can use the bio object to communicate with the
> > server. I can send an email on a non protected server (so my smtp
> > protocol is ok).
> > At the right time I'm sending STARTTLS to the server and it's replying
> > 220 Ready for TLS.
> Looks good, you may test this with openssl command using:
>     $ openssl s_client -connect host:25 -starttls smtp
> to check that server behaves correctly.
>
> > Then, I'm doing that:
> >
> > SSL * connection=SSL_new(ctx);
> > SSL_set_bio(connection,bio,bio);
> > SSL_set_connect_state(connection);
> > if( SSL_do_handshake(connection) <=0 )
> > {
> >     return false;
> > }
> All I can say is that using connect(), SSL_set_fd() and SSL_connect()
> works in this situation.
>
> > Don't know if it's important because the compiler never stopped on
> > it.
> > After that I'm sending an EHLO [xxx.xxx.xxx.xxx] command as specified
> > in the rfc for smtp with STARTTLS.
> > Then... nothing!!!!
> > The socket is still opened, I can write and read on it but the server
> > never replied anything.
> Are you using SSL_read()/SSL_write() for that ?
>
> Best regards,
> Marek Marcola <[EMAIL PROTECTED]>
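
Added example, not part of the original thread and not code from either poster: a plain C check for the plaintext phase described above, run on the bytes read with BIO_read before the socket is handed to SSL_connect(). It parses a complete (possibly multi-line) SMTP reply, detects the STARTTLS keyword in the EHLO reply, and accepts the switch to TLS only on a lone "220" reply. The names smtp_reply, ok_to_start_tls and SAMPLE_EHLO are hypothetical, and the sample reply is constructed.

```c
#include <ctype.h>
#include <string.h>

/* Constructed sample EHLO reply (not captured traffic). */
const char SAMPLE_EHLO[] = "250-mx.example.test\r\n250-STARTTLS\r\n250 SIZE 1000\r\n";

/* Case-insensitive match of upper-case keyword kw at the start of text[0..n). */
static int has_kw(const char *text, size_t n, const char *kw)
{
    size_t k = strlen(kw), i;
    if (n < k) return 0;
    for (i = 0; i < k; i++)
        if (toupper((unsigned char)text[i]) != kw[i]) return 0;
    return n == k || text[k] == ' ' || text[k] == '\r';
}

/* Parse one (possibly multi-line) SMTP reply from buf[0..len).
 * Returns the reply code once the final line has arrived, 0 if more bytes
 * must be read first, -1 if malformed. *used = bytes consumed by the reply,
 * *found = 1 if some line's text starts with kw (e.g. "STARTTLS"). */
int smtp_reply(const char *buf, size_t len, size_t *used, const char *kw, int *found)
{
    size_t pos = 0, n;
    int code = 0, c;
    *found = 0;
    while (pos < len) {
        const unsigned char *l = (const unsigned char *)buf + pos;
        const unsigned char *eol = memchr(l, '\n', len - pos);
        if (!eol) return 0;                          /* line still incomplete */
        n = (size_t)(eol - l);
        if (n < 4 || !isdigit(l[0]) || !isdigit(l[1]) || !isdigit(l[2]) ||
            (l[3] != ' ' && l[3] != '-' && l[3] != '\r'))
            return -1;
        c = (l[0] - '0') * 100 + (l[1] - '0') * 10 + (l[2] - '0');
        if (code && c != code) return -1;            /* code must not change */
        code = c;
        if (has_kw((const char *)l + 4, n - 4, kw)) *found = 1;
        pos += n + 1;
        if (l[3] != '-') { *used = pos; return code; } /* "NNN " = last line */
    }
    return 0;
}

/* Hand the socket to the TLS handshake only when the STARTTLS reply is a
 * complete 220 with nothing buffered behind it: bytes that arrived before
 * the handshake are unauthenticated and must not be read as TLS-era data. */
int ok_to_start_tls(const char *buf, size_t len)
{
    size_t used = 0; int f;
    return smtp_reply(buf, len, &used, "", &f) == 220 && used == len;
}
```

A return of 0 from smtp_reply means the caller should read more bytes and call it again on the larger buffer; only after ok_to_start_tls succeeds does the client start the handshake and then send the second EHLO with SSL_write.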