1 /*
2 * SSL client for SMTP servers
3 *
4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 * This file is part of mbed TLS (https://tls.mbed.org)
20 */
21
22 #if !defined(MBEDTLS_CONFIG_FILE)
23 #include "mbedtls/config.h"
24 #else
25 #include MBEDTLS_CONFIG_FILE
26 #endif
27
28 #if defined(MBEDTLS_PLATFORM_C)
29 #include "mbedtls/platform.h"
30 #else
31 #include <stdio.h>
32 #include <stdlib.h>
33 #define mbedtls_time time
34 #define mbedtls_time_t time_t
35 #define mbedtls_fprintf fprintf
36 #define mbedtls_printf printf
37 #endif
38
39 #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
40 !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
41 !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
42 !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
43 !defined(MBEDTLS_FS_IO)
main(void)44 int main( void )
45 {
46 mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
47 "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
48 "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
49 "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
50 "not defined.\n");
51 return( 0 );
52 }
53 #else
54
55 #include "mbedtls/base64.h"
56 #include "mbedtls/error.h"
57 #include "mbedtls/net_sockets.h"
58 #include "mbedtls/ssl.h"
59 #include "mbedtls/entropy.h"
60 #include "mbedtls/ctr_drbg.h"
61 #include "mbedtls/certs.h"
62 #include "mbedtls/x509.h"
63
64 #include <stdlib.h>
65 #include <string.h>
66
67 #if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
68 #include <unistd.h>
69 #else
70 #include <io.h>
71 #endif
72
73 #if defined(_WIN32) || defined(_WIN32_WCE)
74 #include <winsock2.h>
75 #include <windows.h>
76
77 #if defined(_MSC_VER)
78 #if defined(_WIN32_WCE)
79 #pragma comment( lib, "ws2.lib" )
80 #else
81 #pragma comment( lib, "ws2_32.lib" )
82 #endif
83 #endif /* _MSC_VER */
84 #endif
85
86 #define DFL_SERVER_NAME "localhost"
87 #define DFL_SERVER_PORT "465"
88 #define DFL_USER_NAME "user"
89 #define DFL_USER_PWD "password"
90 #define DFL_MAIL_FROM ""
91 #define DFL_MAIL_TO ""
92 #define DFL_DEBUG_LEVEL 0
93 #define DFL_CA_FILE ""
94 #define DFL_CRT_FILE ""
95 #define DFL_KEY_FILE ""
96 #define DFL_FORCE_CIPHER 0
97 #define DFL_MODE 0
98 #define DFL_AUTHENTICATION 0
99
100 #define MODE_SSL_TLS 0
101 #define MODE_STARTTLS 0
102
103 #if defined(MBEDTLS_BASE64_C)
104 #define USAGE_AUTH \
105 " authentication=%%d default: 0 (disabled)\n" \
106 " user_name=%%s default: \"user\"\n" \
107 " user_pwd=%%s default: \"password\"\n"
108 #else
109 #define USAGE_AUTH \
110 " authentication options disabled. (Require MBEDTLS_BASE64_C)\n"
111 #endif /* MBEDTLS_BASE64_C */
112
113 #if defined(MBEDTLS_FS_IO)
114 #define USAGE_IO \
115 " ca_file=%%s default: \"\" (pre-loaded)\n" \
116 " crt_file=%%s default: \"\" (pre-loaded)\n" \
117 " key_file=%%s default: \"\" (pre-loaded)\n"
118 #else
119 #define USAGE_IO \
120 " No file operations available (MBEDTLS_FS_IO not defined)\n"
121 #endif /* MBEDTLS_FS_IO */
122
123 #define USAGE \
124 "\n usage: ssl_mail_client param=<>...\n" \
125 "\n acceptable parameters:\n" \
126 " server_name=%%s default: localhost\n" \
127 " server_port=%%d default: 4433\n" \
128 " debug_level=%%d default: 0 (disabled)\n" \
129 " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \
130 USAGE_AUTH \
131 " mail_from=%%s default: \"\"\n" \
132 " mail_to=%%s default: \"\"\n" \
133 USAGE_IO \
134 " force_ciphersuite=<name> default: all enabled\n"\
135 " acceptable ciphersuite names:\n"
136
137 /*
138 * global options
139 */
140 struct options
141 {
142 const char *server_name; /* hostname of the server (client only) */
143 const char *server_port; /* port on which the ssl service runs */
144 int debug_level; /* level of debugging */
145 int authentication; /* if authentication is required */
146 int mode; /* SSL/TLS (0) or STARTTLS (1) */
147 const char *user_name; /* username to use for authentication */
148 const char *user_pwd; /* password to use for authentication */
149 const char *mail_from; /* E-Mail address to use as sender */
150 const char *mail_to; /* E-Mail address to use as recipient */
151 const char *ca_file; /* the file with the CA certificate(s) */
152 const char *crt_file; /* the file with the client certificate */
153 const char *key_file; /* the file with the client key */
154 int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
155 } opt;
156
my_debug(void * ctx,int level,const char * file,int line,const char * str)157 static void my_debug( void *ctx, int level,
158 const char *file, int line,
159 const char *str )
160 {
161 ((void) level);
162
163 mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str );
164 fflush( (FILE *) ctx );
165 }
166
do_handshake(mbedtls_ssl_context * ssl)167 static int do_handshake( mbedtls_ssl_context *ssl )
168 {
169 int ret;
170 uint32_t flags;
171 unsigned char buf[1024];
172 memset(buf, 0, 1024);
173
174 /*
175 * 4. Handshake
176 */
177 mbedtls_printf( " . Performing the SSL/TLS handshake..." );
178 fflush( stdout );
179
180 while( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
181 {
182 if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
183 {
184 #if defined(MBEDTLS_ERROR_C)
185 mbedtls_strerror( ret, (char *) buf, 1024 );
186 #endif
187 mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf );
188 return( -1 );
189 }
190 }
191
192 mbedtls_printf( " ok\n [ Ciphersuite is %s ]\n",
193 mbedtls_ssl_get_ciphersuite( ssl ) );
194
195 /*
196 * 5. Verify the server certificate
197 */
198 mbedtls_printf( " . Verifying peer X.509 certificate..." );
199
200 /* In real life, we probably want to bail out when ret != 0 */
201 if( ( flags = mbedtls_ssl_get_verify_result( ssl ) ) != 0 )
202 {
203 char vrfy_buf[512];
204
205 mbedtls_printf( " failed\n" );
206
207 mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags );
208
209 mbedtls_printf( "%s\n", vrfy_buf );
210 }
211 else
212 mbedtls_printf( " ok\n" );
213
214 mbedtls_printf( " . Peer certificate information ...\n" );
215 mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
216 mbedtls_ssl_get_peer_cert( ssl ) );
217 mbedtls_printf( "%s\n", buf );
218
219 return( 0 );
220 }
221
write_ssl_data(mbedtls_ssl_context * ssl,unsigned char * buf,size_t len)222 static int write_ssl_data( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
223 {
224 int ret;
225
226 mbedtls_printf("\n%s", buf);
227 while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 )
228 {
229 if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
230 {
231 mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
232 return -1;
233 }
234 }
235
236 return( 0 );
237 }
238
write_ssl_and_get_response(mbedtls_ssl_context * ssl,unsigned char * buf,size_t len)239 static int write_ssl_and_get_response( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
240 {
241 int ret;
242 unsigned char data[128];
243 char code[4];
244 size_t i, idx = 0;
245
246 mbedtls_printf("\n%s", buf);
247 while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 )
248 {
249 if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
250 {
251 mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
252 return -1;
253 }
254 }
255
256 do
257 {
258 len = sizeof( data ) - 1;
259 memset( data, 0, sizeof( data ) );
260 ret = mbedtls_ssl_read( ssl, data, len );
261
262 if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
263 continue;
264
265 if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY )
266 return -1;
267
268 if( ret <= 0 )
269 {
270 mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret );
271 return -1;
272 }
273
274 mbedtls_printf("\n%s", data);
275 len = ret;
276 for( i = 0; i < len; i++ )
277 {
278 if( data[i] != '\n' )
279 {
280 if( idx < 4 )
281 code[ idx++ ] = data[i];
282 continue;
283 }
284
285 if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' )
286 {
287 code[3] = '\0';
288 return atoi( code );
289 }
290
291 idx = 0;
292 }
293 }
294 while( 1 );
295 }
296
write_and_get_response(mbedtls_net_context * sock_fd,unsigned char * buf,size_t len)297 static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char *buf, size_t len )
298 {
299 int ret;
300 unsigned char data[128];
301 char code[4];
302 size_t i, idx = 0;
303
304 mbedtls_printf("\n%s", buf);
305 if( len && ( ret = mbedtls_net_send( sock_fd, buf, len ) ) <= 0 )
306 {
307 mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
308 return -1;
309 }
310
311 do
312 {
313 len = sizeof( data ) - 1;
314 memset( data, 0, sizeof( data ) );
315 ret = mbedtls_net_recv( sock_fd, data, len );
316
317 if( ret <= 0 )
318 {
319 mbedtls_printf( "failed\n ! read returned %d\n\n", ret );
320 return -1;
321 }
322
323 data[len] = '\0';
324 mbedtls_printf("\n%s", data);
325 len = ret;
326 for( i = 0; i < len; i++ )
327 {
328 if( data[i] != '\n' )
329 {
330 if( idx < 4 )
331 code[ idx++ ] = data[i];
332 continue;
333 }
334
335 if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' )
336 {
337 code[3] = '\0';
338 return atoi( code );
339 }
340
341 idx = 0;
342 }
343 }
344 while( 1 );
345 }
346
main(int argc,char * argv[])347 int main( int argc, char *argv[] )
348 {
349 int ret = 0, len;
350 mbedtls_net_context server_fd;
351 unsigned char buf[1024];
352 #if defined(MBEDTLS_BASE64_C)
353 unsigned char base[1024];
354 #endif
355 char hostname[32];
356 const char *pers = "ssl_mail_client";
357
358 mbedtls_entropy_context entropy;
359 mbedtls_ctr_drbg_context ctr_drbg;
360 mbedtls_ssl_context ssl;
361 mbedtls_ssl_config conf;
362 mbedtls_x509_crt cacert;
363 mbedtls_x509_crt clicert;
364 mbedtls_pk_context pkey;
365 int i;
366 size_t n;
367 char *p, *q;
368 const int *list;
369
370 /*
371 * Make sure memory references are valid in case we exit early.
372 */
373 mbedtls_net_init( &server_fd );
374 mbedtls_ssl_init( &ssl );
375 mbedtls_ssl_config_init( &conf );
376 memset( &buf, 0, sizeof( buf ) );
377 mbedtls_x509_crt_init( &cacert );
378 mbedtls_x509_crt_init( &clicert );
379 mbedtls_pk_init( &pkey );
380 mbedtls_ctr_drbg_init( &ctr_drbg );
381
382 if( argc == 0 )
383 {
384 usage:
385 mbedtls_printf( USAGE );
386
387 list = mbedtls_ssl_list_ciphersuites();
388 while( *list )
389 {
390 mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) );
391 list++;
392 }
393 mbedtls_printf("\n");
394 goto exit;
395 }
396
397 opt.server_name = DFL_SERVER_NAME;
398 opt.server_port = DFL_SERVER_PORT;
399 opt.debug_level = DFL_DEBUG_LEVEL;
400 opt.authentication = DFL_AUTHENTICATION;
401 opt.mode = DFL_MODE;
402 opt.user_name = DFL_USER_NAME;
403 opt.user_pwd = DFL_USER_PWD;
404 opt.mail_from = DFL_MAIL_FROM;
405 opt.mail_to = DFL_MAIL_TO;
406 opt.ca_file = DFL_CA_FILE;
407 opt.crt_file = DFL_CRT_FILE;
408 opt.key_file = DFL_KEY_FILE;
409 opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
410
411 for( i = 1; i < argc; i++ )
412 {
413 p = argv[i];
414 if( ( q = strchr( p, '=' ) ) == NULL )
415 goto usage;
416 *q++ = '\0';
417
418 if( strcmp( p, "server_name" ) == 0 )
419 opt.server_name = q;
420 else if( strcmp( p, "server_port" ) == 0 )
421 opt.server_port = q;
422 else if( strcmp( p, "debug_level" ) == 0 )
423 {
424 opt.debug_level = atoi( q );
425 if( opt.debug_level < 0 || opt.debug_level > 65535 )
426 goto usage;
427 }
428 else if( strcmp( p, "authentication" ) == 0 )
429 {
430 opt.authentication = atoi( q );
431 if( opt.authentication < 0 || opt.authentication > 1 )
432 goto usage;
433 }
434 else if( strcmp( p, "mode" ) == 0 )
435 {
436 opt.mode = atoi( q );
437 if( opt.mode < 0 || opt.mode > 1 )
438 goto usage;
439 }
440 else if( strcmp( p, "user_name" ) == 0 )
441 opt.user_name = q;
442 else if( strcmp( p, "user_pwd" ) == 0 )
443 opt.user_pwd = q;
444 else if( strcmp( p, "mail_from" ) == 0 )
445 opt.mail_from = q;
446 else if( strcmp( p, "mail_to" ) == 0 )
447 opt.mail_to = q;
448 else if( strcmp( p, "ca_file" ) == 0 )
449 opt.ca_file = q;
450 else if( strcmp( p, "crt_file" ) == 0 )
451 opt.crt_file = q;
452 else if( strcmp( p, "key_file" ) == 0 )
453 opt.key_file = q;
454 else if( strcmp( p, "force_ciphersuite" ) == 0 )
455 {
456 opt.force_ciphersuite[0] = -1;
457
458 opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
459
460 if( opt.force_ciphersuite[0] <= 0 )
461 goto usage;
462
463 opt.force_ciphersuite[1] = 0;
464 }
465 else
466 goto usage;
467 }
468
469 /*
470 * 0. Initialize the RNG and the session data
471 */
472 mbedtls_printf( "\n . Seeding the random number generator..." );
473 fflush( stdout );
474
475 mbedtls_entropy_init( &entropy );
476 if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
477 (const unsigned char *) pers,
478 strlen( pers ) ) ) != 0 )
479 {
480 mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
481 goto exit;
482 }
483
484 mbedtls_printf( " ok\n" );
485
486 /*
487 * 1.1. Load the trusted CA
488 */
489 mbedtls_printf( " . Loading the CA root certificate ..." );
490 fflush( stdout );
491
492 #if defined(MBEDTLS_FS_IO)
493 if( strlen( opt.ca_file ) )
494 ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
495 else
496 #endif
497 #if defined(MBEDTLS_CERTS_C)
498 ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem,
499 mbedtls_test_cas_pem_len );
500 #else
501 {
502 ret = 1;
503 mbedtls_printf("MBEDTLS_CERTS_C not defined.");
504 }
505 #endif
506 if( ret < 0 )
507 {
508 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
509 goto exit;
510 }
511
512 mbedtls_printf( " ok (%d skipped)\n", ret );
513
514 /*
515 * 1.2. Load own certificate and private key
516 *
517 * (can be skipped if client authentication is not required)
518 */
519 mbedtls_printf( " . Loading the client cert. and key..." );
520 fflush( stdout );
521
522 #if defined(MBEDTLS_FS_IO)
523 if( strlen( opt.crt_file ) )
524 ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file );
525 else
526 #endif
527 #if defined(MBEDTLS_CERTS_C)
528 ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt,
529 mbedtls_test_cli_crt_len );
530 #else
531 {
532 ret = -1;
533 mbedtls_printf("MBEDTLS_CERTS_C not defined.");
534 }
535 #endif
536 if( ret != 0 )
537 {
538 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
539 goto exit;
540 }
541
542 #if defined(MBEDTLS_FS_IO)
543 if( strlen( opt.key_file ) )
544 ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" );
545 else
546 #endif
547 #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C)
548 ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key,
549 mbedtls_test_cli_key_len, NULL, 0 );
550 #else
551 {
552 ret = -1;
553 mbedtls_printf("MBEDTLS_CERTS_C or MBEDTLS_PEM_PARSE_C not defined.");
554 }
555 #endif
556 if( ret != 0 )
557 {
558 mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
559 goto exit;
560 }
561
562 mbedtls_printf( " ok\n" );
563
564 /*
565 * 2. Start the connection
566 */
567 mbedtls_printf( " . Connecting to tcp/%s/%s...", opt.server_name,
568 opt.server_port );
569 fflush( stdout );
570
571 if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name,
572 opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
573 {
574 mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
575 goto exit;
576 }
577
578 mbedtls_printf( " ok\n" );
579
580 /*
581 * 3. Setup stuff
582 */
583 mbedtls_printf( " . Setting up the SSL/TLS structure..." );
584 fflush( stdout );
585
586 if( ( ret = mbedtls_ssl_config_defaults( &conf,
587 MBEDTLS_SSL_IS_CLIENT,
588 MBEDTLS_SSL_TRANSPORT_STREAM,
589 MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
590 {
591 mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
592 goto exit;
593 }
594
595 /* OPTIONAL is not optimal for security,
596 * but makes interop easier in this simplified example */
597 mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
598
599 mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
600 mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
601
602 if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
603 mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
604
605 mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
606 if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
607 {
608 mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
609 goto exit;
610 }
611
612 if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
613 {
614 mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
615 goto exit;
616 }
617
618 if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
619 {
620 mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
621 goto exit;
622 }
623
624 mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
625
626 mbedtls_printf( " ok\n" );
627
628 if( opt.mode == MODE_SSL_TLS )
629 {
630 if( do_handshake( &ssl ) != 0 )
631 goto exit;
632
633 mbedtls_printf( " > Get header from server:" );
634 fflush( stdout );
635
636 ret = write_ssl_and_get_response( &ssl, buf, 0 );
637 if( ret < 200 || ret > 299 )
638 {
639 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
640 goto exit;
641 }
642
643 mbedtls_printf(" ok\n" );
644
645 mbedtls_printf( " > Write EHLO to server:" );
646 fflush( stdout );
647
648 gethostname( hostname, 32 );
649 len = sprintf( (char *) buf, "EHLO %s\r\n", hostname );
650 ret = write_ssl_and_get_response( &ssl, buf, len );
651 if( ret < 200 || ret > 299 )
652 {
653 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
654 goto exit;
655 }
656 }
657 else
658 {
659 mbedtls_printf( " > Get header from server:" );
660 fflush( stdout );
661
662 ret = write_and_get_response( &server_fd, buf, 0 );
663 if( ret < 200 || ret > 299 )
664 {
665 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
666 goto exit;
667 }
668
669 mbedtls_printf(" ok\n" );
670
671 mbedtls_printf( " > Write EHLO to server:" );
672 fflush( stdout );
673
674 gethostname( hostname, 32 );
675 len = sprintf( (char *) buf, "EHLO %s\r\n", hostname );
676 ret = write_and_get_response( &server_fd, buf, len );
677 if( ret < 200 || ret > 299 )
678 {
679 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
680 goto exit;
681 }
682
683 mbedtls_printf(" ok\n" );
684
685 mbedtls_printf( " > Write STARTTLS to server:" );
686 fflush( stdout );
687
688 gethostname( hostname, 32 );
689 len = sprintf( (char *) buf, "STARTTLS\r\n" );
690 ret = write_and_get_response( &server_fd, buf, len );
691 if( ret < 200 || ret > 299 )
692 {
693 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
694 goto exit;
695 }
696
697 mbedtls_printf(" ok\n" );
698
699 if( do_handshake( &ssl ) != 0 )
700 goto exit;
701 }
702
703 #if defined(MBEDTLS_BASE64_C)
704 if( opt.authentication )
705 {
706 mbedtls_printf( " > Write AUTH LOGIN to server:" );
707 fflush( stdout );
708
709 len = sprintf( (char *) buf, "AUTH LOGIN\r\n" );
710 ret = write_ssl_and_get_response( &ssl, buf, len );
711 if( ret < 200 || ret > 399 )
712 {
713 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
714 goto exit;
715 }
716
717 mbedtls_printf(" ok\n" );
718
719 mbedtls_printf( " > Write username to server: %s", opt.user_name );
720 fflush( stdout );
721
722 ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_name,
723 strlen( opt.user_name ) );
724
725 if( ret != 0 ) {
726 mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret );
727 goto exit;
728 }
729 len = sprintf( (char *) buf, "%s\r\n", base );
730 ret = write_ssl_and_get_response( &ssl, buf, len );
731 if( ret < 300 || ret > 399 )
732 {
733 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
734 goto exit;
735 }
736
737 mbedtls_printf(" ok\n" );
738
739 mbedtls_printf( " > Write password to server: %s", opt.user_pwd );
740 fflush( stdout );
741
742 ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_pwd,
743 strlen( opt.user_pwd ) );
744
745 if( ret != 0 ) {
746 mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret );
747 goto exit;
748 }
749 len = sprintf( (char *) buf, "%s\r\n", base );
750 ret = write_ssl_and_get_response( &ssl, buf, len );
751 if( ret < 200 || ret > 399 )
752 {
753 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
754 goto exit;
755 }
756
757 mbedtls_printf(" ok\n" );
758 }
759 #endif
760
761 mbedtls_printf( " > Write MAIL FROM to server:" );
762 fflush( stdout );
763
764 len = sprintf( (char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from );
765 ret = write_ssl_and_get_response( &ssl, buf, len );
766 if( ret < 200 || ret > 299 )
767 {
768 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
769 goto exit;
770 }
771
772 mbedtls_printf(" ok\n" );
773
774 mbedtls_printf( " > Write RCPT TO to server:" );
775 fflush( stdout );
776
777 len = sprintf( (char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to );
778 ret = write_ssl_and_get_response( &ssl, buf, len );
779 if( ret < 200 || ret > 299 )
780 {
781 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
782 goto exit;
783 }
784
785 mbedtls_printf(" ok\n" );
786
787 mbedtls_printf( " > Write DATA to server:" );
788 fflush( stdout );
789
790 len = sprintf( (char *) buf, "DATA\r\n" );
791 ret = write_ssl_and_get_response( &ssl, buf, len );
792 if( ret < 300 || ret > 399 )
793 {
794 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
795 goto exit;
796 }
797
798 mbedtls_printf(" ok\n" );
799
800 mbedtls_printf( " > Write content to server:" );
801 fflush( stdout );
802
803 len = sprintf( (char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n"
804 "This is a simple test mail from the "
805 "mbed TLS mail client example.\r\n"
806 "\r\n"
807 "Enjoy!", opt.mail_from );
808 ret = write_ssl_data( &ssl, buf, len );
809
810 len = sprintf( (char *) buf, "\r\n.\r\n");
811 ret = write_ssl_and_get_response( &ssl, buf, len );
812 if( ret < 200 || ret > 299 )
813 {
814 mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
815 goto exit;
816 }
817
818 mbedtls_printf(" ok\n" );
819
820 mbedtls_ssl_close_notify( &ssl );
821
822 exit:
823
824 mbedtls_net_free( &server_fd );
825 mbedtls_x509_crt_free( &clicert );
826 mbedtls_x509_crt_free( &cacert );
827 mbedtls_pk_free( &pkey );
828 mbedtls_ssl_free( &ssl );
829 mbedtls_ssl_config_free( &conf );
830 mbedtls_ctr_drbg_free( &ctr_drbg );
831 mbedtls_entropy_free( &entropy );
832
833 #if defined(_WIN32)
834 mbedtls_printf( " + Press Enter to exit this program.\n" );
835 fflush( stdout ); getchar();
836 #endif
837
838 return( ret );
839 }
840 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
841 MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C **
842 MBEDTLS_CTR_DRBG_C */
843
