cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: SMTP with TLS error handling

From: Adam <simplesec2012_at_gmail.com>
Date: Thu, 4 Jun 2015 15:32:46 -0300

How can we know if it's a problem with your code if you don't post it?
Instead of writing paragraphs describing your code - just paste your code.

I've just successfully got a "Login Denied" ASCI string error message by
connecting to smtp://smtp.office365.com:587 by calling
curl_easy_strerror(res).

The same exact message is returned for faulty credentials to gmail also.

| "And curl_easy_perform also gives me CURLE_LOGIN_DENIED which is much
more user friendly."

For what it's worth - I'm writing an SMTP library right now and if you want
user friendly then libcurl isn't for you.

You will run into *many* errors like this (especially with callbacks) and
you'll have to revise the source yourself to get to the bottom of the
problem.

You'll need to do just about everything from scratch anyways, so I
recommend skipping libcurl and writing directly with openssl libraries.

On Thu, Jun 4, 2015 at 12:55 PM, Ralph Mitchell <ralphmitchell_at_gmail.com>
wrote:

> It may be deliberate behaviour by Office365, to avoid giving out
> information that may assist an attacker.
>
> Ralph Mitchell
>
> On Thu, Jun 4, 2015 at 11:26 AM, Jamie Gordon <jamie_at_deslock.com> wrote:
>
>> Hi
>>
>> I have a problem with the correct error handling for SMTP errors when
>> using libcurl and I'd be pleased if anyone can help/advise me. Specifically
>> in this case I am using libcurl 7.42.1 but the same behaviour has been seen
>> with previous versions I have tested with.
>>
>> This issue is, if I use the wrong password with Office365 I get error
>> "CURLE_OPERATION_TIMEDOUT " and the internal curl message
>> (CURLOPT_ERRORBUFFER) is "Operation timed out after 0 milliseconds with 0
>> out of 0 bytes received". Actually some other servers using TLS do this
>> also, but they have been at customer sites and I don't have any debug from
>> those servers. But the issue is repeatable for me using Office365. If I use
>> the correct username/password an email is sent fine. And I've been using
>> the same sending code for a while with standard port 25 SMTP.
>>
>> You can see the debug from the libcurl below (this is output from my own
>> CURLOPT_DEBUGFUNCTION callback function). I've just used a made up a
>> username/password of test_at_example.com/moo.
>>
>> <debug>
>> EHLO myhost
>>
>> 250-AM2PR09CA0025.outlook.office365.com Hello [194.75.73.194]
>> 250-SIZE 157286400
>> 250-PIPELINING
>> 250-DSN
>> 250-ENHANCEDSTATUSCODES
>> 250-AUTH LOGIN
>> 250-8BITMIME
>> 250-BINARYMIME
>> 250 CHUNKING
>>
>> AUTH LOGIN
>>
>> 334 VXNlcm5hbWU6
>>
>> dGVzdEBleGFtcGxlLmNvbQ==
>>
>> 334 UGFzc3dvcmQ6
>>
>> bW9v
>>
>> Operation timed out after 0 milliseconds with 0 out of 0 bytes received
>> Closing connection 0
>> </debug>
>>
>> In terms of function calls:
>>
>> curl_easy_perform returned 28 (CURLE_OPERATION_TIMEDOUT)
>> curl_easy_getinfo(CURLINFO_HTTP_CONNECTCODE) returned 334
>> and
>> curl_easy_getinfo(CURLINFO_RESPONSE_CODE) returned 0
>>
>> Interestingly, if I use gmail with the wrong password I see more relevant
>> info in the debug. And curl_easy_perform also gives me CURLE_LOGIN_DENIED
>> which is much more user friendly.
>>
>> <debug>
>> 535-5.7.8 Username and Password not accepted. Learn more at
>> 535 5.7.8 https://support.google.com/mail/answer/14257
>> ju2sm6707323wid.12 - gsmtp
>> Closing connection 0
>> </debug>
>>
>> So this seems maybe specific to the server somehow. Is it a problem with
>> the Office365 response in TLS? Is their exchange server doing something
>> wrong? Or is there some bad handling in libcurl somewhere? Or maybe could I
>> have initialised something wrong in my c++ calling libcurl?
>>
>> If this behaviour by libcurl is "correct" then is it possible to
>> interpret what I have to maybe suggest to the user that they have entered
>> invalid credentials, rather than presenting them with "Operation timed out
>> after 0 milliseconds..."?
>>
>> Otherwise if it is a bug, then I'll try to look into the library in more
>> details and see if I can work out what's wrong.
>>
>> Any advice appreciated.
>>
>> Thanks
>>
>> Jamie
>>
>> -------------------------------------------------------------------
>> List admin: http://cool.haxx.se/list/listinfo/curl-library
>> Etiquette: http://curl.haxx.se/mail/etiquette.html
>
>
>
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-library
> Etiquette: http://curl.haxx.se/mail/etiquette.html
>

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-06-04