一、目的
Gmail的webmail虽然常常报系统遇到错误,用起来不太爽,但是smtp/pop3还是蛮厚道的。
服务稳定,被GFW拦截的概率也小一些,可能是采用SSL加密通讯的缘故吧。所以研究一下gmail的smtp连接还是很有意义的。我们先用手头上的工具进行实际操作,对ssl的连接有个感性的认识,然后用C写一个测试程序,最终的目标是用C++写一个COM可以供ASP调用,当然所谓的C++当然是指基于M$的ATL了,纯C++的COM是学院派的人干的活,作为工程人员应用才是首要目的。为什么要写成COM的,因为纵观网络编程的世界就asp没有实现(或者实现了没有开源)gmail的发信功能,不管jmail还是codsys都没有,可是是没有必要,或者是我孤陋寡闻,其他的php、asp.net、java都很容易实现此功能。在asp遍地的过度,写出来估计还是有一定价值的。
二、要求
- SSL的大致内容,搞清楚C/S间如何握手的就行了
- OpenSSL,开源的成功案例,没有OpenSSL估计我们只能望机兴叹了,搞明白SSL的算法好像不是一两个月能明白的,所有掌握Openssl是必须的,不用太深入,但是起码能知道如何建立ssl的上下文和封装socket的发送和接收。
- C/C++基础,上过理工科的人都应该知道。俺打算用C来写HelloGmail程序,被逼无奈啊,谁让OpenSSL是用C写的呢!
- COM基础,至少要知道COM是如何实现二进制级代码共享的,如何用ATL做COM的。俺得毕业论文是搞fortran和java的混合编程,所以对混合编程情有独钟。当时还不知道有COM这回事,走了很多的弯路:java调c++写的dll,c++的dll调fotran的dll,相当的丑陋 ^^
三、开始
1.简单的认识
我们先在cmd窗口连连gmail看看,把过程弄明白先。由于采用了ssl,所以用普通的telnet是无法直接连接到gmail的smtp的,我们需要openssl构建一个ssl层,由openssl来负责繁琐的ssl协议
我们先要编译OpenSSL,下面这篇博文已经写得很好,俺就不啰嗦了
我在E:/openssl-0.9.8e下
E:/openssl-0.9.8e/out32dll>openssl s_client -connect smtp.gmail.com:465 Loading 'screen' into random state - done CONNECTED(00000790) depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com verify error:num=27:certificate not trusted verify return:1 depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com i:/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification S ervices Division/CN=Thawte Premium Server CA/emailAddress=premium-server@thawte. com --- Server certificate -----BEGIN CERTIFICATE----- MIIDYzCCAsygAwIBAgIQYZrZzKZNh1fKVFuUlZ6rKzANBgkqhkiG9w0BAQUFADCB zjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ Q2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UE CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhh d3RlIFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNl cnZlckB0aGF3dGUuY29tMB4XDTA3MDczMDE2NTgwN1oXDTA4MDcyOTE2NTgwN1ow aDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1v dW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2dsZSBJbmMxFzAVBgNVBAMTDnNtdHAu Z21haWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQF2mUMNM+qw/i wMVSP2D0pgKb0M3RyWHBTQkno3W4y5TeH8LALnqv9/+Th4wZ5PrZ7YPQjmCxdtz6 Lm5Yx19nDXNw97or6SXvAoZSF+bwh76UFqxpImAGJzvj8Ro7rNkMidJa+KgGaIng sIcWuqsj0rrK1AXoUHKmO4N5t0c6XwIDAQABo4GmMIGjMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLnRo YXd0ZS5jb20vVGhhd3RlUHJlbWl1bVNlcnZlckNBLmNybDAyBggrBgEFBQcBAQQm MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnRoYXd0ZS5jb20wDAYDVR0TAQH/ BAIwADANBgkqhkiG9w0BAQUFAAOBgQCUoTmFzdJX+2Pz9FhI+H88lFIeBcFnxpPO CHO7zs/J3ZI6ZmkuQm4az89tRqvKvRFrQm2CRlzntqWjSdcsIYlKKGZ32iclpNKw 1aW/Q3IIyyZTTUo9DJezyCrFBV7JxFXOQgYd45+YxPVUNnkw1lTd4RqweuB5p7r4 nObS2EE7cA== -----END CERTIFICATE----- subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com issuer=/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/emailAddress=premium-server@thawt e.com --- No client certificate CA names sent --- SSL handshake has read 1025 bytes and written 314 bytes --- New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA Server public key is 1024 bit Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DES-CBC3-SHA Session-ID: AA41A4829FAB5945984CCE49EF1A135703C437F1F169F1BB9D2E8417D6B50B38
Session-ID-ctx: Master-Key: BEE0D063AF73B0645845F359D8E8A488EC33A38497D381C46ECE6F0E7C8DBFB0 2EA5A1EE3FFD583DD111EC9567EE6D8F Key-Arg : None Start Time: 1188884689 Timeout : 300 (sec) Verify return code: 21
|