[英]STARTTLS connection with Ruby and OpenSSL
Using openssl s_client
on the command line I am able to establish a comection to a POP3 server which requires STARTTLS. 在命令行上使用
openssl s_client
,我可以对需要STARTTLS的POP3服务器建立竞争。
openssl s_client -connect pop3.example.com:110 -starttls pop3
How can I accomplish the same (especially the -starttls pop
part) utilizing Ruby's OpenSSL library: 如何使用Ruby的OpenSSL库完成相同的操作(尤其是
-starttls pop
部分):
tcp_socket = TCPSocket.new host, port
ssl_context = OpenSSL::SSL::SSLContext.new
ssl_client = OpenSSL::SSL::SSLSocket.new tcp_socket, ssl_context
ssl_client.connect
The POP3 specification states that you need to send STLS
in order to initiate the TLS handshake. POP3规范指出,您需要发送
STLS
才能启动TLS握手。 Therefore you should send STLS
on the unencrypted socket first, and after that you should be able to call connect
on the OpenSSL layer, which will then perform the actual handshake. 因此,您应该首先在未加密的套接字上发送
STLS
,然后您应该能够在OpenSSL层上调用connect
,然后它将执行实际的握手。
If you call connect
before sending STLS
, the server won't know what is going on, and will interpret it as garbage input. 如果在发送
STLS
之前调用connect
,服务器将不知道发生了什么,并将其解释为垃圾输入。
Working example: 工作示例:
tcp = TCPSocket.new(host, port)
puts tcp.gets
tcp.puts 'STLS'
puts tcp.gets
ssl_context = OpenSSL::SSL::SSLContext.new
ssl_client = OpenSSL::SSL::SSLSocket.new(tcp, ssl_context)
ssl_client.connect
puts ssl_client.state
ssl_client.puts "NOOP"
puts ssl_client.gets
Output: 输出:
+OK POP3 ready <2067986403.1526483285@....>
+OK
SSLOK
+OK
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.