Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Remember: Silly is a state of Mind, Stupid is a way of Life. -- Dave Butler

devel / comp.lang.ada / AWS.SMTP.Client secure mode

SubjectAuthor
* AWS.SMTP.Client secure modephilip...@gmail.com
`* Re: AWS.SMTP.Client secure modeBjörn Lundin
 `* Re: AWS.SMTP.Client secure modephilip...@gmail.com
  `* Re: AWS.SMTP.Client secure modeBjörn Lundin
   `- Re: AWS.SMTP.Client secure modephilip...@gmail.com

1
AWS.SMTP.Client secure mode

<30267029-4433-4f45-a409-debf68fb27ccn@googlegroups.com>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=5812&group=comp.lang.ada#5812

  copy link   Newsgroups: comp.lang.ada
X-Received: by 2002:a05:620a:15e8:: with SMTP id p8mr5565088qkm.27.1630812040346;
Sat, 04 Sep 2021 20:20:40 -0700 (PDT)
X-Received: by 2002:a05:6902:1201:: with SMTP id s1mr7807629ybu.432.1630812039962;
Sat, 04 Sep 2021 20:20:39 -0700 (PDT)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.lang.ada
Date: Sat, 4 Sep 2021 20:20:39 -0700 (PDT)
Injection-Info: google-groups.googlegroups.com; posting-host=216.215.19.89; posting-account=XGCYegoAAADY19DGgU_zTfTSbVlfUJ_a
NNTP-Posting-Host: 216.215.19.89
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <30267029-4433-4f45-a409-debf68fb27ccn@googlegroups.com>
Subject: AWS.SMTP.Client secure mode
From: philip.m...@gmail.com (philip...@gmail.com)
Injection-Date: Sun, 05 Sep 2021 03:20:40 +0000
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Lines: 19
 by: philip...@gmail.com - Sun, 5 Sep 2021 03:20 UTC

The recent thread about sending email with AWS.SMTP.Client reminded me I need to finish working on a package I wrote a while ago that uses AWS.SMTP.Client. I have just been passing Server_Name => "localhost", Port => 25, and Secure => False to AWS.SMTP.Client.Initialize, to use a local mail relay, and that has worked fine.

I'm now trying to get secure communication to my email account mailserver working (SSL on port 465). Something deep in the bowels of AWS wants cert.pem to exist in the directory I run my program from, but it doesn't seem to be the cert.pem I retrieved from the mail server with openssl.

My program dies with:

raised AWS.SMTP.SERVER_ERROR : raised AWS.NET.SOCKET_ERROR : The requested data were not available.

immediately after reading the cert.pem file I fetched with openssl.

Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?

Re: AWS.SMTP.Client secure mode

<sh4ms3$ubs$1@dont-email.me>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=5833&group=comp.lang.ada#5833

  copy link   Newsgroups: comp.lang.ada
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: b.f.lun...@gmail.com (Björn Lundin)
Newsgroups: comp.lang.ada
Subject: Re: AWS.SMTP.Client secure mode
Date: Mon, 6 Sep 2021 11:26:27 +0200
Organization: A noiseless patient Spider
Lines: 74
Message-ID: <sh4ms3$ubs$1@dont-email.me>
References: <30267029-4433-4f45-a409-debf68fb27ccn@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 6 Sep 2021 09:26:27 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="9525ee742ac7fd7c263806bdd9be51ef";
logging-data="31100"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/kNXnddHCSL2gz8QBa952S"
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:78.0)
Gecko/20100101 Thunderbird/78.13.0
Cancel-Lock: sha1:av3QYHUF//hELkXCWpangCyChh4=
In-Reply-To: <30267029-4433-4f45-a409-debf68fb27ccn@googlegroups.com>
Content-Language: en-US
 by: Björn Lundin - Mon, 6 Sep 2021 09:26 UTC

Den 2021-09-05 kl. 05:20, skrev philip...@gmail.com:

>
> Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?
>

Yes.
I use Amazon as mailer - like this. Shortened version so it might not
compile. I think you need the Ada.Directories.Set_Directory statement
just as I need it.

in the directory I set , I have the cert.pem I'd like to use

procedure Mail_Saldo is
Subject : constant String := "Some Subject";
use AWS;
SMTP_Server_Name : constant String :=
"email-smtp.eu-north-1.amazonaws.com";
Status : SMTP.Status;
begin
Ada.Directories.Set_Directory(/where/is/my/cet/sslcert");
declare
Auth : aliased constant SMTP.Authentication.Plain.Credential :=
SMTP.Authentication.Plain.Initialize
("AKFCAWS_IS_A_MAILSERVERT", "BOYbIsome-chars-from-amazomFDWW");

SMTP_Server : SMTP.Receiver := SMTP.Client.Initialize
(SMTP_Server_Name,
Port => 465,
Secure => True,
Credential => Auth'Unchecked_Access);
use Ada.Characters.Latin_1;
Msg : constant String := "Some MEssage";

Receivers : constant SMTP.Recipients := (
SMTP.E_Mail("A Mail Address",
"a.mail.address@gmail.com"),
-- SMTP.E_Mail("Another Mail Addresss",
"another.mail.address@gmail.co"));
begin
SMTP.Client.Send(Server => SMTP_Server,
From => SMTP.E_Mail ("A sender",
"Sender@gmail.com"),
To => Receivers,
Subject => Subject,
Message => Msg,
Status => Status);
end;
if not SMTP.Is_Ok (Status) then
Log (Me & "Mail_Saldo", "Can't send message: " &
SMTP.Status_Message (Status));
end if;
end Mail_Saldo;

---------------------------------

cert.pem looks like

sslcert $ cat cert.pem
-----BEGIN RSA PRIVATE KEY-----
.....
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
............
-----END CERTIFICATE-----

--
Björn

Re: AWS.SMTP.Client secure mode

<eaac8f2d-ab6e-4c55-b0df-6d873e2a4f9dn@googlegroups.com>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=5841&group=comp.lang.ada#5841

  copy link   Newsgroups: comp.lang.ada
X-Received: by 2002:a37:a4c5:: with SMTP id n188mr13773244qke.273.1630981228205;
Mon, 06 Sep 2021 19:20:28 -0700 (PDT)
X-Received: by 2002:a25:5444:: with SMTP id i65mr19840687ybb.277.1630981227455;
Mon, 06 Sep 2021 19:20:27 -0700 (PDT)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.lang.ada
Date: Mon, 6 Sep 2021 19:20:27 -0700 (PDT)
In-Reply-To: <sh4ms3$ubs$1@dont-email.me>
Injection-Info: google-groups.googlegroups.com; posting-host=216.215.19.89; posting-account=XGCYegoAAADY19DGgU_zTfTSbVlfUJ_a
NNTP-Posting-Host: 216.215.19.89
References: <30267029-4433-4f45-a409-debf68fb27ccn@googlegroups.com> <sh4ms3$ubs$1@dont-email.me>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <eaac8f2d-ab6e-4c55-b0df-6d873e2a4f9dn@googlegroups.com>
Subject: Re: AWS.SMTP.Client secure mode
From: philip.m...@gmail.com (philip...@gmail.com)
Injection-Date: Tue, 07 Sep 2021 02:20:28 +0000
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Lines: 18
 by: philip...@gmail.com - Tue, 7 Sep 2021 02:20 UTC

On Monday, September 6, 2021 at 2:26:30 AM UTC-7, björn lundin wrote:
> Den 2021-09-05 kl. 05:20, skrev philip...@gmail.com:
>
> >
> > Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?
> >
> Yes.
> I use Amazon as mailer - like this. Shortened version so it might not
> compile. I think you need the Ada.Directories.Set_Directory statement
> just as I need it.
>
> in the directory I set , I have the cert.pem I'd like to use

Is cert.pem a client certificate that will be passed to the server, or is it a server certificate the client uses to validate the server?

As far as I know, none of the mail servers I am dealing with have any mechanism to register client certificates.

Re: AWS.SMTP.Client secure mode

<sh70e4$agf$1@dont-email.me>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=5842&group=comp.lang.ada#5842

  copy link   Newsgroups: comp.lang.ada
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: b.f.lun...@gmail.com (Björn Lundin)
Newsgroups: comp.lang.ada
Subject: Re: AWS.SMTP.Client secure mode
Date: Tue, 7 Sep 2021 08:21:56 +0200
Organization: A noiseless patient Spider
Lines: 34
Message-ID: <sh70e4$agf$1@dont-email.me>
References: <30267029-4433-4f45-a409-debf68fb27ccn@googlegroups.com>
<sh4ms3$ubs$1@dont-email.me>
<eaac8f2d-ab6e-4c55-b0df-6d873e2a4f9dn@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 7 Sep 2021 06:21:56 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="7b9155a1e2e1e41f6d3b869b749b072e";
logging-data="10767"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18QBm8la1zTp4yxXhT1r6Rd"
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:78.0)
Gecko/20100101 Thunderbird/78.13.0
Cancel-Lock: sha1:daFcpqKxoczntLyiNuoujU7dCjA=
In-Reply-To: <eaac8f2d-ab6e-4c55-b0df-6d873e2a4f9dn@googlegroups.com>
Content-Language: sv
 by: Björn Lundin - Tue, 7 Sep 2021 06:21 UTC

Den 2021-09-07 kl. 04:20, skrev philip...@gmail.com:
> On Monday, September 6, 2021 at 2:26:30 AM UTC-7, björn lundin wrote:
>> Den 2021-09-05 kl. 05:20, skrev philip...@gmail.com:
>>
>>>
>>> Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?
>>>
>> Yes.
>> I use Amazon as mailer - like this. Shortened version so it might not
>> compile. I think you need the Ada.Directories.Set_Directory statement
>> just as I need it.
>>
>> in the directory I set , I have the cert.pem I'd like to use
>
> Is cert.pem a client certificate that will be passed to the server, or is it a server certificate the client uses to validate the server?
>

Actually - lookin closer - it is the cert.pem that was distributed with
AWS 1.2.
That is longtime ago...

Obviously Amazon does not care. Auth is then via the lines
Auth : aliased constant SMTP.Authentication.Plain.Credential :=
SMTP.Authentication.Plain.Initialize
("AKFCAWS_IS_A_MAILSERVERT", "BOYbIsome-chars-from-amazomFDWW");

I could not find it on github now - so I mailed you the one I got

--
Björn

Re: AWS.SMTP.Client secure mode

<d48ecde2-0392-40ee-bccb-12f5f878ec15n@googlegroups.com>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=5844&group=comp.lang.ada#5844

  copy link   Newsgroups: comp.lang.ada
X-Received: by 2002:a0c:f68e:: with SMTP id p14mr49600qvn.13.1631047203598;
Tue, 07 Sep 2021 13:40:03 -0700 (PDT)
X-Received: by 2002:a05:6902:1201:: with SMTP id s1mr393301ybu.432.1631047203020;
Tue, 07 Sep 2021 13:40:03 -0700 (PDT)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.lang.ada
Date: Tue, 7 Sep 2021 13:40:02 -0700 (PDT)
In-Reply-To: <sh70e4$agf$1@dont-email.me>
Injection-Info: google-groups.googlegroups.com; posting-host=199.204.203.151; posting-account=XGCYegoAAADY19DGgU_zTfTSbVlfUJ_a
NNTP-Posting-Host: 199.204.203.151
References: <30267029-4433-4f45-a409-debf68fb27ccn@googlegroups.com>
<sh4ms3$ubs$1@dont-email.me> <eaac8f2d-ab6e-4c55-b0df-6d873e2a4f9dn@googlegroups.com>
<sh70e4$agf$1@dont-email.me>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <d48ecde2-0392-40ee-bccb-12f5f878ec15n@googlegroups.com>
Subject: Re: AWS.SMTP.Client secure mode
From: philip.m...@gmail.com (philip...@gmail.com)
Injection-Date: Tue, 07 Sep 2021 20:40:03 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 6
 by: philip...@gmail.com - Tue, 7 Sep 2021 20:40 UTC

> Obviously Amazon does not care. Auth is then via the lines
> Auth : aliased constant SMTP.Authentication.Plain.Credential :=
> SMTP.Authentication.Plain.Initialize
> ("AKFCAWS_IS_A_MAILSERVERT", "BOYbIsome-chars-from-amazomFDWW");
> I could not find it on github now - so I mailed you the one I got

OK, so your cert.pem works with my email provider. But I don't understand why it works, epecially since your certificate appears to have expired almost 13 years ago.

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor