STARTTLS与Ruby和OpenSSL的连接
[英]STARTTLS connection with Ruby and OpenSSL
问题描述
Using openssl s_client on the command line I am able to establish a comection to a POP3 server which requires STARTTLS. 
在命令行上使用openssl s_client ,我可以对需要STARTTLS的POP3服务器建立竞争。
openssl s_client -connect pop3.example.com:110 -starttls pop3
How can I accomplish the same (especially the -starttls pop part) utilizing Ruby's OpenSSL library: 如何使用Ruby的OpenSSL库完成相同的操作(尤其是-starttls pop部分):
tcp_socket = TCPSocket.new host, port
ssl_context = OpenSSL::SSL::SSLContext.new
ssl_client = OpenSSL::SSL::SSLSocket.new tcp_socket, ssl_context
ssl_client.connect
1 个解决方案
解决方案1
2 2018-05-16 15:09:07
The POP3 specification states that you need to send STLS in order to initiate the TLS handshake. POP3规范指出,您需要发送STLS才能启动TLS握手。 Therefore you should send STLS on the unencrypted socket first, and after that you should be able to call connect on the OpenSSL layer, which will then perform the actual handshake. 因此,您应该首先在未加密的套接字上发送STLS ,然后您应该能够在OpenSSL层上调用connect ,然后它将执行实际的握手。
If you call connect before sending STLS , the server won't know what is going on, and will interpret it as garbage input. 如果在发送STLS之前调用connect ,服务器将不知道发生了什么,并将其解释为垃圾输入。
Working example: 工作示例:
tcp = TCPSocket.new(host, port)
puts tcp.gets
tcp.puts 'STLS'
puts tcp.gets
ssl_context = OpenSSL::SSL::SSLContext.new
ssl_client = OpenSSL::SSL::SSLSocket.new(tcp, ssl_context)
ssl_client.connect
puts ssl_client.state
ssl_client.puts "NOOP"
puts ssl_client.gets
Output: 输出:
+OK POP3 ready <2067986403.1526483285@....>
+OK
SSLOK
+OK
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.