如何在python中的活动连接上启动TLS? [英] How to start TLS on an active connection in python?

问题描述

以下是我当前在端口 587 上连接到 gmail smtp 服务器的代码.发出 STARTTLS 命令后，我将如何完成 TLS 会话的协商并开始发出诸如 AUTH LOGIN 和 MAIL FROM 之类的命令?我省略了我的 Base64 编码的 gmail 用户名，并用代码底部附近的 xxxxxxxx 替换了它.

The following is my current code for connecting to gmail's smtp server on port 587. After issuing the STARTTLS command how would I finish negotiating the TLS session and begin issuing commands such as AUTH LOGIN and MAIL FROM? I have ommitted my Base64 encoded gmail username and replaced it with xxxxxxxx near the bottom of my code.

我从这个程序中得到的输出是:

My output from this program as it is, is:

220 mx.google.com ESMTP y10sm3296641yhd.6

220 mx.google.com ESMTP y10sm3296641yhd.6

250-mx.google.com 为您服务，[75.66.47.144]

250-mx.google.com at your service, [75.66.47.144]

250 码 35882577

250-SIZE 35882577

250-8BITMIME

250-8BITMIME

250-STARTTLS

250-STARTTLS

250 个增强状态代码

250 ENHANCEDSTATUSCODES

220 2.0.0 准备启动 TLS

220 2.0.0 Ready to start TLS

from socket import *
import ssl
msg = "\r\n smtp.."
endmsg = "\r\n.\r\n"

# Mailserver hostname and port to be used.
mailserver = ("smtp.gmail.com", 587)


# Create a socket and create an active TCP connection with the mailserver
clientSocket = socket(AF_INET, SOCK_STREAM);
clientSocket.connect(mailserver)

# Read server response
recv = clientSocket.recv(1024)
print recv
if recv[:3] != '220':
    print '220 reply not received from server.'

# Send EHLO command and print server response.
ehloCommand = 'EHLO smtp.google.com\r\n'
clientSocket.send(ehloCommand)

recv1 = clientSocket.recv(1024)
print recv1
if recv1[:3] != '250':
    print '250 reply not received from server.'

# Send STARTTLS command to server and print server response
command = "STARTTLS\r\n"
clientSocket.send(command)

recv1 = clientSocket.recv(1024)
print recv1
if recv[:3] != '220':
    print '220 reply not received from server.'

# SEND AUTH LOGIN command and Base64 encoded username
command = "AUTH LOGIN xxxxxxxxxxxxx\r\n"
clientSocket.send(command)

recv1 = clientSocket.recv(1024)
print recv1

推荐答案

您可以 ssl 包装已连接的套接字.这会给你的想法:

You can ssl wrap a connected socket. This will give you the idea:

import ssl
import base64
from socket import *


cc = socket(AF_INET, SOCK_STREAM)
cc.connect(("smtp.gmail.com", 587))
# cc.read(..)

cc.send('helo tester.com\r\n')
cc.send('starttls\r\n')
# cc.read(..) If the server responds ok to starttls
#             tls negotiation needs to happen and all
#             communication is then over the SSL socket 

scc = ssl.wrap_socket(cc, ssl_version=ssl.PROTOCOL_SSLv23)
scc.send('auth login\r\n')
# scc.read(..)

scc.send(base64.b64encode('username')+'\r\n')
scc.send(base64.b64encode('password')+'\r\n')

# css.send(
#  mail from:
#  rcpt to:
#  data
#  etc

查看此页面的 AUTH LOGIN 部​​分以了解有关用户名/密码编码的信息:http://www.samlogic.net/articles/smtp-commands-reference-auth.htm

look at the AUTH LOGIN section of this page for info about the username/password encoding: http://www.samlogic.net/articles/smtp-commands-reference-auth.htm

在将 AUTH LOGIN 命令发送到服务器之后，服务器通过发送 BASE64 编码的文本来询问用户名和密码(问题)给客户.VXNlcm5hbWU6"是BASE64编码的文本对于单词用户名"和UGFzc3dvcmQ6"是 BASE64 编码的文本对于上例中的密码"一词.客户端发送用户名和密码也使用 BASE64 编码.adlxdkej"，在上面的例子，是一个 BASE64 编码的用户名，lkujsefxlj"是一个BASE64 编码的密码.

After that the AUTH LOGIN command has been sent to the server, the server asks for username and password by sending BASE64 encoded text (questions) to the client. "VXNlcm5hbWU6" is the BASE64 encoded text for the word "Username" and "UGFzc3dvcmQ6" is the BASE64 encoded text for the word "Password" in the example above. The client sends username and password also using BASE64 encoding. "adlxdkej", in the example above, is a BASE64 encoded username and "lkujsefxlj" is a BASE64 encoded password.

这篇关于如何在python中的活动连接上启动TLS?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！